CLS, through its parent company, NorthStar Financial Services Group,
LLC, understands protecting the confidentiality of information is paramount
to the trust your clients place in you and the trust you place in CLS. Our
security policy is designed to protect client information.
Our security protocols include:
- Specific caller identification safeguards must be met prior to releasing information over the phone.
- Personal computer equipment is not allowed on company premises.
- Visitors must sign in, wear a badge and be escorted by an employee at all times.
- Mobile device access to corporate systems must be via devices approved and administered by NorthStar (CLS’s parent organization); access is managed via the central server and subject to lockout/password protection.
- Remote access to information is via the corporate VPN system; computers accessing the system must have required security software including Antivirus, Safend endpoint control and PGP whole disk encryption.
- Web-based email is not allowed via the corporate network.
- Visitor and guest internet access is via an internet connection separate from the corporate network. Employee access to this separate internet connection is prohibited.
CLS has a business continuity plan including a fully functional disaster recovery site housed within the region’s first-of-its-kind Tier IV, LEED registered facility. Built to withstand the most rigorous weather conditions, the facility is equipped with state-of-the-art physical and electronic security systems, has NIST, PCI, and SSAE16 certifications, and meets the newest OSHA guidelines. The CLS servers housed at the recovery site are fully operational and tested quarterly.