AROBS Transilvania Software

Request info

IP & Security


Who owns the copyright for the product and the source codes upon project completion?

 
All the rights to the product and the corresponding source code belong to you, unless we specify otherwise in our contract. If you wish, we can eliminate all the information referring to AROBS as a producer from all the materials.

How do you handle confidential information during near shore software development projects?


During the term of our Agreement and for up to 6 years afterwards, AROBS will use reasonable care to prevent the unauthorized use or dissemination of any confidential information you provide us with. Reasonable care means at least the same degree of care we use to protect our own confidential information from unauthorized disclosure.

Confidential information is limited to information clearly marked as confidential, or disclosed orally and summarized and identified as confidential in a writing delivered to us within 15 days of disclosure.

Confidential information does not include information that:

  • we knew before you disclosed it;
  • is or becomes public knowledge through no fault of us;
  • we obtain from sources other than you and who owe no duty of confidentiality to you or we develop independently.

 

Please describe your policies for Intellectual Property protection.


AROBS treats intellectual property protection with special care and therefore takes comprehensive measures to protect intellectual property and trade secrets. First, we define intellectual property/trade secrets with the customers/partners, then we document them, establishing policies, roles and responsibilities, set up process-level controls and procedural, physical and technical controls to minimize risk to a level acceptable by management, educate employees, customers and partners about intellectual property/trade secrets and the measures taken to protect them.

Intellectual property and trade secrets are all subject to strict security guidelines within the company, in both electronic and printed format. Sensitive documents in printed format are stored in secure places and accessed only by authorized personnel. AROBS complies with the Romanian legislation when handling sensitive information. We will never disclose any confidential information to third parties unless required by the Romanian governing law.

All of our staff are strongly deterred from violating IP regulations by signing non disclosure agreements with AROBS and sometimes with the customer too.

How does AROBS protect customer data?


Customer data is protected according to the provisions of the AROBS data protection policy, which states that the information managed by the company shall be appropriately protected against the consequences of breaches of confidentiality, failures of integrity, or interruptions to the availability of that information. The scope of the security policy includes

  • Information, data, in any form such as printed paper, digital, video, and audio formats;
  • The computing hardware and software systems which access and manipulate information;
  • Mobile devices and teleworking;
  • The physical work environment;
  • The network systems;
  • Personnel awareness, education, and training.

Each employee and service provider working for AROBS signs a Non Disclosure Agreement with the company which is as restrictive and specific as those provided by some of our most demanding customers. 

Access to any company data and information is limited through physical and access rights. Our off-site backups are frequent and data is stored in a secure location. Only key personnel have root access to any system. 

This policy shall be reviewed and updated regularly to ensure that it remains appropriate from the point of view of any relevant changes to the law, organizational policies, or contractual obligations. AROBS will establish and maintain appropriate contacts with other organizations, law enforcement authorities, regulatory bodies, and network and telecommunications operators in respect of its information security policy. A process of risk assessment shall be carried out for each system to identify the probability and impact of security failures to determine the appropriate levels of security measures applied.

How do you ensure security when connecting to client is necessary?


We connect to customer systems using VPN and firewall restrictions. Only the VPN client is installed on the developer's computer. No VPN access is allowed in the AROBS network to protect all the data that is subject to non disclosure agreements.

How do you handle shared information?


We share project related information on File Server or Source Control and give read or write permissions only to the specialists involved in the project.

Please describe your local security.


Our local security consists mainly of:

  • a strict control of the in/out access through Firewall;
  • well defined permissions for each user role in ActiveDirectory;
  • a centralized Antivirus which runs on all workstations and on the server;
  • a data backup plan;
  • the mandatory and automatic updating of the operating systems with the latest security patches;
  • the mandatory use of complex passwords;
  • the automated locking of workstations that have not been used for 3 minutes;
  • video surveillance using the camera mounted at the office main entrance;
  • card based access to the offices.