SECURITY & COMPLIANCE
How We Store, Process, and Secure Your Data
Data Centers:
PharmaServ is hosted at Amazon data centers, running on Amazon Web. This data centers are spread accross multiple regions, providing physical security 24/7, state of the art fire suppression, redundant utilities, and biometric devices to ensure your data is safe.
Network Security:
We take several steps to protect your data and prevent eavesdropping between your systems and ours. All network traffic runs over SSL/HTTPS, the most common and trusted communications protocol on the Internet. We have configured firewalls in place to restrict access from malicious adddresses.
System Security:
We regularly patch our softwares and operating systems to the lastest and most secure version. We maintain system consistency and security using strong passwords, and restricting access to only authorized people.
Security Operations:
We monitor our systems 24/7 using state-of-the-art alert and monitoring tools to detect anomalies and act immediately. We monitor activity logs for auditing, troubleshooting and policy reasons. We are always looking for potential system interruptions and we address the issues to prevent reoccurence in future.
Restricted Access:
We operate on least priviledge access, granting only access to resources requred to perform a task. We ensure confidentiality of our customers assests and other vital information. You fully control how your information is used.
PharmaServ offices are protected behind network firewalls from well-known security vendors and secured by keycard access. Our employee workstations and laptops are imaged and managed using JAMF.
Vulnerabilty Assesment and Penetration Testing:
We carry out regular vulnerability assessment and penetration testing of our systems and applications, checking for potentian threat and weaknesses attackers can use to gain unauthorized access to our system.
Application Level Security:
We prevent single point of failure. In the advent of service interruption, we have back up services that run immediately allowing you to continue your business withouth hitch. Our services are cloud based, making them accessible world wide.
Data Protection, Continuity, and Retention:
Production data is mirrored to remote systems and automatically backed up daily to a cloud and onpremise location. We ensure 100% confidentiality, integrity and availability of your data.
Account Cancellation:
If you decide to terminate a contract, we ensure all your data are removed from our system, you can also request for certain transferrable data be transferred to you if need be. To cancel and delete your account, please contact your PharmaServ account manager. Canceling your account will restrict you from accessing our Platform and affects all data associated with your account. You can also request to suspend your account for a certain period.
NDPR Compliance:
PharmaServ is committed to ensuring ongoing compliance with the Nigeria Data Protection Regulation (NDPR). The NDPR extends the reach of the data protection laws 2019 and establishes many new requirements for organizations that fall under its scope.
Bug Bounty:
Our platform is constantly evolving to delight our customers with new features and innovation. In an effort to increase security of our ever-changing attack surfaces, we have implemented a bug bounty program that challenges our controls and tightens our defenses on a continuous basis.
