Data Security

Call us

937-409-5745

The NCC Difference

Data handling is an important consideration when you outsource your business services. We are sensitive to this essential concern, which is why we take every possible care to guarantee the absolute confidentiality, integrity and availability of information we process, transact, and store. 

According to Adolfo Quintero, President and CEO at AGR Group Inc ® :”Identity theft is something all contact centers need to be cognizant of, and it’s absolutely essential to always be a few steps ahead to apply tools and procedures that will guarantee data security to our clients.” 

As a multinational company, we comply with the various data security regulations required by the different jurisdictions in which we operate.

Information Security Program

We maintain continuous compliance at our delivery centers in Barranquilla, Colombia and Las Vegas, USA. We provide PCI DSS Level 1 compliance operations for a range of clients with North American regulatory requirements.

Card Data Environment

Our PCI DSS Level 1-certified facility in Nevada, USA is staffed with professionals who are within the local quarantine zones to ensure that our PCI-certified programs are delivered from our secure card data environment, avoiding information security risks associated with telecommuting. All card data operators undergo a thorough background check conducted by a third-party service provider.

Training & Reinforcement

Our recurring training curriculum delivers ISMS, PCI DSS and Quality Management Standard (QMS) education to our workforce. Our staff are subject to local jurisdiction employment agreements that include strict non-disclosure, confidentiality and security provisions.

Active Directory

We utilize a Microsoft Active Directory-based server infrastructure with geographically redundant systems protected by external and internal firewalls to ensure compliance with PCI and related network segmentation requirements. 

Offices
  • CCTV monitoring throughout our offices
  • Disaster recovery plans in all our offices
  • Biometric fingerprint reader system and/or Radio Frequency Identification (RFID) to restrict access
  • Paperless environment
  • No printers, USB pen drives, CDs/DVDs, any computing or storage device inside the production floor
  • Company badge requirement for all staff
Systems & Servers
  • High security data servers are located at data centers in USA
  • Computer networks are safeguarded by many levels of software and hardware firewalls
  • Computer monitoring software and password for every computer user
  • Online file transfer system with 256-bit encryption
  • Periodic vulnerability and penetration testing Intruder detection system
Staff
  • Strict nondisclosure and confidentiality agreement
  • Comprehensive background verification check
  • Independent security clearance
  • Periodic training on information security
  • Regular information security campaigns and audits
  • Robust information security policies and strict implementation, with possible sanctions leading up to termination for any violation