Information Security Standards & Protocols
- Home
- Information Security Standards & Protocols
At The Topmark LLP, the security and confidentiality of client data is a core commitment. We follow industry-leading standards and frameworks to ensure information is always protected — physically, digitally, and procedurally. Our practices align with the US Generally Accepted Privacy Principles (GAPP) and are compliant with GDPR requirements to maintain complete confidentiality and integrity of your data.
Physical Security Measures
- 24/7 monitored building access and surveillance
- Controlled office access with biometric authentication
- Magnetic door locks accessible only by authorized personnel
- “Clean desk” policy to ensure no data is left exposed
- CCTV monitoring at all critical entry and operational points
Data Protection & IT Infrastructure
- Teams operate in secured zones with access-card entry
- Data sharing across departments is restricted
- Use of secure File Transfer Protocol (FTP) for file exchange
- High-speed internet and reliable global connectivity
- Data stored on encrypted, remote servers with regular backups
- Operations floor is mobile-free to prevent data capture
- USB ports and external drives are disabled on workstations
- Enterprise-grade firewall and threat protection (e.g., Sophos)
Logical Security Controls
- Internally managed, secure email servers
- All emails scanned via advanced anti-spam and threat detection systems
- Enterprise antivirus and anti-malware protection on all servers
- Encrypted data transmission for all sensitive information
- Access to non-essential websites and emails is restricted
- Paperless workflow to reduce physical data exposure
- All removable storage access is blocked at system level
