Our methodology in maintaining data security and privacy protection:

HUMAN CONTROLS


ControlEffect
We employ only people we know (referrals)Reduced risk of fraud
Every employee is security checkedReduced risk of fraud
We induct, train and retrain our staffAwareness of consequences of data loss
All employees are supervisedReduced risk of fraud
Appropriate employee work conditionsReduced risk of fraud

PROCEDURAL CONTROLS


ControlEffect
We operate 100% paperlessNo risk of paper based data loss
Alarmed and monitored premisesReduced risk of break-ins and data loss
Standardised work procedures in placeReduced risk of accidental data loss
Separate guest web access networkReduced risk of data loss via internet attack
Bring your own device policy in placeReduced risk of data loss via mobile devices
Data security risk assessmentsUnderstanding risks and risk controls
Regular system and compliance auditsAbility to detect issues and implement remedies
Dedicated internal Data Security and Privacy Protection officerImproved security monitoring, staff induction and training, and system audit processes

TECHNICAL CONTROLS


ControlEffect
Sophos Cloud end point protectionReduced risk of data loss via internet attack
Workstation and solution encryptionReduced risk of data loss via web/physical theft
Complex password enforcementReduced risk of data loss via password hack
Two-step password verification enforcementReduced risk of data loss via out of office access
Mobile storage devices are blockedReduced risk of data loss via storage device
Access to data-sharing websites is blockedReduced risk of data loss via website upload
Access to high risk websites is blockedReduced risk of data loss via internet attack
Email controls/restrictions in placeReduced risk of data loss via email transfer
Broken-e for drag and drop controlPrevents accidental drag and drop of folders in windows
Last Pass for single sign onPassword control for multiple client sites

INFORMATION SECURITY POLICY

  1. Cross-border Disclosure
  1. Our Employees & Contractors
  1. Controls