Our compliance with demanding ISO 27001 security best practice; hard work for us but it guarantees highest standards for clients.
Posted: 9th November 2016
You can assure your clients and your own senior management team that documents entrusted to us will be kept secure and confidential when they leave your possession.
There are more risks today than ever before that their security and confidentiality could be breached, so that assurance is critical. We can give it … with confidence.
As specialist multi-lingual notaries working with businesses that operate internationally – including more than a third of all the FTSE 100 – we handle an array of often commercially sensitive documents; for example, related to new intellectual property registrations, new business launches, mergers and acquisitions in countries around the world for companies operating out of the UK..
“Our ISO 27001 certification (probably unique amongst specialist Notary practices) demands that De Pinna focus constantly on maintaining and improving our information technology and security techniques, by implementing, communicating and pro-actively monitoring Internationally Recognised Best Practice Information Security Controls.” (Phillip Journeaux, Partner)
It is essential that these documents remain secure; that their confidentiality is protected and kept away from prying eyes as they are processed through us for a) notarisation, b) legalisation at the Foreign & Commonwealth Office and relevant Consulates and c) translation in local languages for the countries where these documents are to be used, where that is needed or can be beneficial.According to Verizon’s Data Breach Investigations Report, May 2015: 23% of people open phishing emails and 11% open the attachments in those emails.
“Our people know not to .. and they don’t!” (Nick Georgoulis, IT Manager)
Risks of breaches in security and confidentiality are on the increase; significantly, primarily from “cyber breaches” on one way or another. In spite of all the talk about “hacking” and “phishing” (which are serious risks that need to be guarded against) the biggest risk to security and confidential data arises from the activities of employees; either through intentional mischievous and illegal acts or, more frequently, down to negligence, error, indifference and carelessness.
The IT-related threat believed to have the greatest impact on an organisation’s ability to be cyber resilient and the most likely to occur is human error. (Ponemon Institute Research Report, Jan 2016)
It is well worth registering for and reading that Ponemon report “The Cyber Resilient Organisation in the United Kingdom: Learning to Thrive against Threats” as there are some excellent pointers there on how to tackle document and data security issues in any business.
“Getting engagement from partners and employees to adopt the disciplines that are essential to protect data and documents is the most difficult challenge – but we have managed that successfully!” (Ryan Moody, Partner)
Just some examples of the steps we take to ensure protection of data and documents:
- CCTV cameras in all areas of our offices
- Security vetting of all employees.
- Internal procedures and operations audited and adapted to ensure compliance with internationally recognised best practice.
- Employee workshops and forums to constantly evaluate and improve security
- Encryption of emails and documents during transit.
- Retention of all documents in ISO27001 accredited IT systems
- Rigid access controls to all areas of our offices
- Personal carriage of documents to the Foreign & Commonwealth Office and consulates by our own vetted employees.
… and much more.
Ensuring document and data security and confidentiality is a strategic commitment from the management team. Day to day compliance is now routine for all employees and an integral part of the business. (Phillip Journeaux, Partner)
If you want to find out more about our journey to achieve and maintain ISO 27001, how it can help you and your clients; or even how what we have done might inform your own plans for introducing ISO 27001 or more effective data security in your team or your business – please feel free to call me on my DDI: +44 (0)20 7208 2943, get in touch here or at email@example.com