Our IT Supplier have full access to and manage all aspects of our IT infrastructure including, where necessary, the sub-processing of client information and data and use a number of tools and software programmes to do so including:
– Sophos Endpoint Security
– Bitlocker Disk encryption
– Veritas Backup Exec
– Cisco ASA Firewall with Firepower Services
– Cisco Umbrella
– Cisco AMP
– RSA Authentication Tokens
We use a third party Data Back Up Storage provider who collect our backup tapes and store them in a secure location to enable us to recover effectively in a disaster recovery situation. The backup tapes take a copy of all of our business critical file shares and databases.
File Centre are ISO27001 certified. See further information here: https://www.file-centre.co.uk/about
Desk Pro Support Software:
In order to effectively support our clients we use a support desk software. When you raise a ticket or log a call with our support desk, information about the individual raising the issue, the nature of the issue and any conversations had in the course of resolving the issue, will be logged in this software including any confidential information required to investigate and resolve the issue. This software is hosted on premise in our Bristol offices.
We use WebEx to facilitate remote support sessions between our support desk and our clients. All data required to facilitate WebEx remote support sessions (including names, email address and chat logs) is stored in a UK based data centre although there is a possibility that data may be transferred to other Cisco server locations outside of the EU.
Data Sheet: https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-webex-privacy-data-sheet.pdf
GoTo Meeting and GoToTraining:
In order to conduct remote training sessions and product demonstrations to our clients we utilise these tools. All data required to facilitate GoToMeeting/Training remote sessions (including names, email addresses) are stored in a USA Data Centre.
LogMeIn have certified with EU-US Privacy Shield: https://www.logmeininc.com/legal/privacy-shield
DataSend is our method of securely transferring files between ourselves and our clients. All files are stored on secure, private, dedicated, servers located in the EU with transfers using SSL encryption. The files are automatically deleted from the servers after 7 days.
DataSendUK are ISO27001 certified. See further information here: https://datasend.co.uk/about.html
We use slack to conduct internal electronic communications which may include conversations about clients and their data Slack store their Data in USA Data Centres and have certified with EU-US Privacy Shield https://slack.com/privacy-shield-notice