SUMMARY

Recognizing and agreeing with management's concerns over the security and control of information, Sonata Services has developed a security methodology that incorporates security practices that protect sensitive information and provide for mitigation of information security weaknesses. Signing of NDA's and enforceable agreements are just the beginning. This methodology focuses on the security and control of information regardless of format (i.e. hardcopy, electronic, etc.).

The following is a brief outline of the areas Sonata Services typically evaluates as part of our Information Security Assessment for every Partner’s Global Operating Unit (GOU):

ADMINISTRATION SECURITY

In the domain of administration security, Sonata Service’s focus is on securing the administration and control over the information technology resources within the Partner's GOU. We typically focus on:

☆

☆

☆

☆

☆

☆

PHYSICAL SECURITY

In the domain of physical security Sonata Service’s focus is on the protection and control of information and assets within the facility. Areas of focus include:

☆

☆

☆

☆

DATA SECURITY

In the domain of data security, Sonata Services focus is on the implementation, utilization and enforcement of information technology standards across the GOU. Standards are reviewed and tested every 3 months. Information secured includes:

☆

☆

☆

☆

☆

NETWORK SECURITY

In the domain of network security, Sonata Services focus is on the logical security across the technical architecture within each GOU. The Sonata Services security team implements a secured GOU network using firewalls and other design techniques in order to secure the operating environment. Most GOU’s include the following:

☆

☆

☆

☆

Each GOU at Sonata Services is a dedicated operating environment that provides security for sensitive information in a controlled and protected infrastructure.