top of page

Security Profile

Imkore’s Millennia Group is vigilant in protecting our clients data.  We follow SOC, HIPAA and GDPR guidelines for data and information security and confidentiality.  Here is a summary of some of our efforts to protect our client data.

Below is a listing of available services.

SOC Audits

Since 2018 Millennia Group has undertgone a SOC 2, Type 2 audit by a third party that is testing our compliance on Security and Confidentiality controls for our company and FileStar.  Each year we have received a clean SOC 2, Type 2 report.

Our audits cover our internal controls and rely on the controls in place and managed by our third party data center hosting company, Microsoft Azure.

Vulnerability and Penetration Testing

Millennia Group uses a third party to conduct monthly internal and external vulnerability scans and an annual penetration tests on our environments.  The penetration test includes a social engineering test.  These reports are entered into our internal compliance workflow where they are reviewed by senior management and members of the Security Group. 

Vulnerabilities are investigated and remediated and evidence is recorded in our workflow process.  

Data Protection and Monitoring

In order to ensure our data integrity policies are being followed, we employee a variety of tools to monitor our infrastructure, applications and users.  Here are some of our solutions that are being utilized:

  • Endpoint Protection

  • Intrusion Detection

  • USB and Port Security

  • Virus Protection

  • Firewalls

  • Drive Encryption

  • Data Loss Protection

  • File Integrity Monitoring

Internal Audits and Compliance

In order to maintain and continuous and active review of our security posture, we conduct quarterly internal security audits that mimic the SOC audit requirements.  These audits include quarterly security awareness training sessions for all employees.

We also conduct annual security testing for all employees based on the level of data access.  Access requests are managed via our compliance workflow and require approval from senior management.  Our policies are available to employees in the company portal.  This includes our incident response plan and disaster recovery procedures.

Physical Security

Millennia's facility is equipped with video monitoring of entrance points and the secure rooms within the facility.  Entry requires a code and access card.  Logs are maintained for all access and video and those logs are reviewed weekly within our compliance workflow.  Access rights are reviewed quarterly.

Client and Vendor Onboarding

All potential clients and vendors must go through an onboarding review process that includes security implications and screenings before acceptance.  Documentation requirements must be met as well.

Clients and vendors are ranked to ensure proper treatment of data security and access requirements.  These policies and procedures are tested quarterly.  Off-boarding procedures must be followed as well include proper data destruction.

Employee Onboarding

All prospective new employees must undergo background checks and reference checks before hiring.  New hires receive security training and job training.  The process is driven by a company workflow and checklist to ensure policies are followed.

Employee off-boarding follows a similar process to ensure access rights are removed and procedures are followed for data protection.

These are just some of the policies and procedures that we follow in order to protect our clients data.  Our policies and procedures also include other frameworks such as HIPAA and GDPR guidelines.

bottom of page