How do we protect your data from cybercrime?
Is your personal information safe?
In our October newsletter, we promised to share a bit more about how we keep your data safe. With cybercrime increasing year-on-year, we know that data security is a priority for you, and it should be no surprise that it is also a very high priority for us.
A data breach is not only a real concern for you, our client, but it is one of those ‘black swan’ events for a professional services firm like ours. We collect data like a bank collects money – we use it to do what we do for you.
So, like a bank guarding its money, we must guard your data. And whilst we are satisfied with our current arrangements, there is no room for complacency. We are always searching for improvements.
With the continued support of our IT providers indepthIT, we have also engaged with industry specialists Practice Protect, to assist us with maintaining best practice. Our focus is on data and device protection, user access and user education and awareness.
Working together we built a custom portal which uses the latest Single Sign On (SSO) authentication technologies to create a secure environment from which our team access all their internal cloud applications.
With this in place, we are able to enforce a high grade of restrictions, policies and procedures to firstly control our teams’ access and limit ‘human error’ and secondly to ensure any third parties that attempt to gain unauthorised entry into our systems are denied.
To help mitigate human risks, we attend regular training sessions which focus on protecting your data from the latest scams and breaches in our industry.
Some more specifics in relation to each of those focus areas:
How we protect the data itself
- Backup all data, copies of data to multiple secured cloud locations
- Audit trail of all cloud data access on request
- Email scanning for malicious content in attachments and links
- Restricting data access for sensitive information to authorised staff only
- Up to date antivirus on all devices
- Monitoring of cloud usage in real time and retrospectively for users and applications
How we protect the devices we use
- Centrally managed device security controls for desktops and mobiles
- Enforcing system and application updates
- Device hardening, removing of any unnecessary applications and add-ons
- Device encryption, to ensure data is protected if a device is lost or stolen
- Monitoring and system health alerts
How we limit and secure user access
- Single sign on/multi-factor authentication is enabled for all applications
- Location based access restrictions
- Appropriately set user access levels
About user education and awareness training
- User responsibility
- Latest scams and breaches updates
- Signed cyber security policies – including Work From Home policies
These measures will continue to evolve as technology itself evolves. What won’t change is our commitment to keeping your data secure.
Should you have any further questions or want more technical information, please feel free to contact Debby Thomas on 1300 656 141.