We have a long-standing corporate continuity policy that mitigates risk and protects our clients’ data.
We minimize any impact of significant incidents through coordinated continuity planning and resource management. These plans provide guidelines for ensuring that necessary personnel and resources are available to respond to incidents and ensure the timely restoration of services. For example:
- Data centers are geographically diverse and independent of office locations
- Incidents are contained to a specific location
- Other locations support critical operations as the incident is addressed
- Vital employees have laptops and virtual private network (VPN) capability
- When a laptop is unavailable, we maintain a scalable pool of virtual machines preloaded with business-critical applications that can be securely accessed from any computer
Because our operations are essential, we perform annual business continuity plan testing. We also contract with outside vendors to test our information security infrastructure by conducting penetration exercises. Routine security assessments protect us from evolving and increasingly sophisticated threats.
We have never needed to invoke our Disaster Recovery or Business Continuity Plans. Nevertheless, during mandatory COVID-19 lockdowns, the majority of our employees rapidly transitioned to a remote work environment without any loss of productivity or interruption to client service. Prior technology investments and advance preparation ensured this smooth transition.
