Continuous Improvement Software

A Comprehensive Management System Software Solution
Home     Consultants | Resellers     News     About Us     Contact Us      

 

Protecting your information...

 

The security of our customer's information is the most important concern of all our developers and designers. It is for that reason alone that we have outsourced our software to what we consider the best available service in the United States of America. OpSource is our provider and you may visit their web site by clicking on their logo in the top right corner of this page.

The following two documents may be downloaded and provide an overview of the security in place at OpSource and their SAS-70 Security Certification.

 

View OpSource Security Certificate

 

OpSource Security Explained

 

Of course security is not only localized at OpSource. We at CIS Software have implemented the following security policies to further ensure that there is no un-authorized access to our customer's information.

 

  1. OpSource has 100% control of our CIS software system;

  2. OpSource makes all revisions to the systems and they require us to provide them with the revisions and explanations;

  3. Our programmers do not have access to the server without first requesting this access from OpSource who will:

    • Provide the access when reasonably required to assist OpSource;

    • Provide access for an agreed time, period  and date;

    • Track and record every movement of our programmers while they have access to the server.

  4. Our developers and programmers will only have access to the test (Beta) web which is not located at OpSource. We use the beta web to implement new features and test them to ensure 100 % conformance to our specification;

  5. OpSource requires our programmers to reproduce any problem on the beta web and provide them the solution to be implemented on the live systems by OpSource;

  6. OpSource does not have any passwords to access customer’s systems and if it became necessary for them to access a customer’s system, they would make this request to CIS Head Office who will would forward the request to the applicable customer. The customer will be responsible to provide by e-mail directly to OpSource a login name and password to their system and to suspend this login immediately after the testing or investigation of the problem is completed;

  7. We have Non-disclosure agreements within our contracts with the programmers, server companies and all Master Distributors and CIS Certified Consultants.

 

We would like to point out some further notes about security and confidentiality of information. We have always included this subject in each of our start-up seminars and we discuss it in the training video on document and control. The absolute best control is when a company controls the access to open a document. All software programs and windows provides for the ability to assign passwords to documents so that they may only be opened by users knowing the passwords. The encryptions today are impossible to crack. We suggest different levels of passwords to reflect different levels of authority. If a document is truly sensitive, it should have a password to enable authorized personnel only to open it. Larger firms will password-protect all sensitive documents. This ensures security across all platforms including managers and employees who may have access to this sensitive material but can not open the material without the proper password. This is actually a requirement in the food industry and is common-place when dealing with company recipes. When some one leaves the company, their access to CIS should be suspended and consideration to change the document passwords should be evaluated for risk potential.