Data is becoming one of the most valuable assets in the modern world. Even the most prestigious companies are vulnerable to the rising trend of data breaches. Each data breach can have an impact on millions of people by exposing valuable records. As a result, insurance firms, regulators and customers all have heightened concerns of the use and management of private information.

How is EXL Secure?

EXL’s Global Technology Group is poised and equipped to protect sensitive information exchanged online between insurance firms and customers, in keeping with the latest global security guidelines and recommendations.

  1. Our services are designed to move you forward, from manual to digital systems, safely and efficiently.
  2. Safeguard your assets on the cloud once they are there.
  3. Maintain best-in-class, multi-tiered protection, based on:
    1. Strict standards and governance
    2. Ongoing risk and compliance assessment
    3. State-of-the-art data security controls
    4. Continuing employee training and awareness

EXL’s Acclaimed Information Cyber Security and Data Privacy Program create a “safe zone” for your sensitive business and customer information.

  • Institutionalizing a privacy program designed to promote information safeguarding within global compliance and privacy legislation.
  • Collaborating with business stakeholders in developing and applying systems, technologies and solutions that protect private data throughout the information lifecycle.

Accreditations and Certifications

  • ISO 9001 for Quality Management System
  • ISO 27001 for Information Security Management System
  • ISO 22301for Business Continuity Management System
  • PCI DSS for Payment Card Data Security
  • URAC for Healthcare Services industry
  • OHSAS 18001 for Occupational Health and Safety Management System

EXL’s Five Pillars of Cyber Security Assurance

  • Governance
    1. Proactive partnership with business and cross-functional information lifecycle management group to drive enterprise-wide initiatives and ensure effective implementation.
  • Policies and Processes
    1. Vision: Institutionalization of a privacy program at EXL, which is designed to promoting the need for safeguarding information and meeting compliance obligations with global privacy legislation,
    2. Mission: Collaborate with business stakeholders in developing an applicable privacy implementation for EXL businesses, and applying adequate safeguard to privacy protection through the information lifecycle of data subjects
  • Technology
    1. AWS solution including:
      1. Anti-APT for Email, Network
      2. Firewalls / IDS / IPS
      3. Web Application Firewall
      4. DLP for Email and Internet
      5. Anti-Spam and Virus for emails
      6. Internet Proxy and URL Filtering
      7. Hardening of Perimeter Devices etc.
  • People, Awareness and Culture
    1. Training, special events, leadership videos, simulation testing and multi-channel awareness via a variety of digital and conventional media.
  • Compliance Monitoring and Assessments
    1. Business information security risk assessments, supplier information security risk assessments, cyber risk assessments.

EXL’s integrated program offers multi-layered assurance against data loss, theft and breaches.

  • Internal
    • Network Segmentation (VLANs)
    • Access Control List on VLANs
    • Network Access Control
    • Identity and Access Management
    • Encryption for data in motion & rest etc.
  • End Points
    • System Hardening
    • Restricted internet and email access
    • Data Encryption at Rest
    • Data Loss Prevention solution
    • Restricted use of USB, etc.

Across all EXL platforms and systems, we assure that your data is safeguarded to the highest standards. Contact us to begin a security assessment today.


Written by

Jason Baie
Vice President, EXL Premium Audit Sales

Gary Penegar
Director, Product Development


Contact US