For the CEOs and CFOs considering outsourcing, cybersecurity is of paramount importance. Not a day goes by without some news of a major cybersecurity breach. In the current scenario, it is but natural that businesses look for a partner that can be trusted.
We have been providing outsourcing services for almost 15 years now and are a trusted partner for numerous established businesses in the UK and US. As a finance & accounts outsourcing company, we deal with the financial information of a business. So, for us, the importance of information security cannot be overstated. We go above and beyond to ensure data security. Here are some of the key steps we take to safeguard our client’s data:
1) We provide secure and dedicated office space for all of our clients to restrict physical access. If we serve competing businesses, we provide separae spaces for each, with access restricted only to the employees working on the specific client. Also, for the QX Finance & Accounting Services division, we use dedicated and segregated teams so that each team works only for one client.
2) To ensure that no unauthorised employee or person can enter any dedicated client space or office, we use access cards and biometric login. As a result, employees can enter only common areas or the space dedicated for the project they are assigned to.
3) As a business, we sign non-disclosure agreements with our clients whenever sensitive information is involved. In addition, each employee working on a client project also signs a confidential non-disclosure agreement.
4) We use highly secure and controlled systems to transfer and share data with our clients. Data access is restricted on workstations and removable storage devices like pen drives are blocked. Access to email, online storage, online data transfer and non-work-related sites are blocked using an industry-class firewall device.
5) We have layers of security to prevent a data leak. In the unlikely case of a breach, we have a systematic plan in place to deal with the breach. Till date, we have not encountered any major breach of our clients’ data.
6) In order to fulfil UK Government standards, we also comply and are Cyber Essentials Certified.
7) We are certified by the British Standard’s Institute (BSI) as ISO 27001:2013 Information Security Management compliant. This means that we rigorously adhere to a framework of policies and procedures that are designed to maximise information security.
8) With GDPR becoming an enforceable law, companies holding or processing personal information have a greater responsibility to manage, store and protect the data. We are fully compliant with GDPR and are certified by BSI as 10012:2017 Personal Information Management System compliant.
9) To protect our systems from cybersecurity threats, we have deploy anti-virus and anti-malware software. We also use cloud-based email security to neutralise threats posed by links send via malicious emails.
10) We restrict the use of mobile phones on the work floors – mobile devices are stored in special cabinets outside of the work area. In addition, we have 24/7 manned security and CCTV monitoring in place.
For more details on how we protect our client’s information from cyber threats, please check out our video: Data Security for Outsourcing Services.