Safeguards for a Strong, Compliant Security Culture
PGBA follows stringent, well-defined policies and procedures to ensure security and compliance across our workforce.
We fully vet every PGBA employee with exhaustive screenings for criminal records and adverse credit history. PGBA meets current DHA fingerprint and background check requirements for DoD adjudication at the Automated Data Processing/Information Technology-II (ADP/IT-II) level, and both our systems vice president and cybersecurity director are adjudicated as ADP/IT-I. We are in line with MAC III-sensitive requirements as well as other DHA security and personnel policies, and have processes in place to ensure compliance.
PGBA applies numerous controls to protect stored data from unauthorized use. IBM's Resource Access Control Facility (RACF) secures online access to PGBA data while employing formal internal security procedures. The RACF administration area assigns and monitors secure user IDs, initial passwords and access rights as authorized by designated plan management.
Meanwhile, our data security administration staff regularly reviews and updates account and password requirements. The team closely monitors the RACF to safeguard system databases, libraries, programs and other technologies.
Additionally, PGBA uses encryption software when transferring sensitive information from any device, whether it's the enterprise server, a laptop or desktop PC.
PGBA’s data center is fully secure and continuously patrolled by uniformed guards. It’s equipped with access control systems that require a secure key card to enter and biometric hand reading to verify identity. To prevent “piggybacking,” sensors and double-door mantraps limit normal access to one person per card. A computer monitoring system logs all transactions, which are tracked by security personnel.
We protect our facility with physical safeguards as well as constant surveillance. Our security staff continuously monitors feeds from closed-circuit cameras situated along the perimeter, at external and internal entrances, and in various locations throughout the data center. Meanwhile, bollard posts surround the facility to protect it from vehicle intrusion, and windows in sensitive areas are secured with ballistic glass to prevent break-ins. Duress alarms are available for extreme emergencies.