Data security and confidentiality are paramount, and we’ve invested a lot of time and money to ensure our physical and logical security meets and exceeds the highest standards. Regular independent audits ensure our certification is maintained, and our Quality and Information Security systems are kept up to date by our dedicated compliance manager.
Key data security features at DCK:
• ISO 27001 certified.
• ISO 9001 certified.
• Secure data and physical file storage.
• Restricted plant access – 24 hour CCTV monitored.
• Secure waste storage and destruction.
• DCK staff NDA and confidentiality.
• Registered under the Data Protection Act.
• Experience in handling sensitive confidential mailing projects.
• GDPR readiness programme in place.
Data is at the centre of everything we do, and there’s nothing more important for us than data security. Our clients’ data is one of the highest-profile and most valuable assets they have, and the importance of building robust processes around the transfer and processing of this data shouldn’t be underestimated. We have the infrastructure and expertise to handle and manage data to the very highest standards.
ISMS & ISO 27001 CERTIFICATION
Our Information Security Management System (ISMS) is an important part of Data Services and DCK. The system is integrated into the fabric of the business and audited regularly by Certification Europe and certified under ISO 27001.
ISO 27001 is the international standard which is recognised globally for managing risks to the security of information you hold. Certification provides a set of standardised requirements for an information security management system (ISMS). The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving our ISMS.
ISO 27001 helps us to:
• Protect client and employee information.
• Manage risks to information security effectively.
• Achieve compliance.
• Protect a company's brand image.
• Keep confidential information secure.
• Provide customers and stakeholders with confidence in how risk is managed.
• Allow for the secure exchange of information.
• Ensure you are meeting your legal obligations.
• Help you to comply with other regulations (e.g. SOX).
• Provide you with a competitive advantage.
• Enhance customer satisfaction, which improves client retention.
• Maintain consistency in the delivery of your service or product.
• Manage and minimise risk exposure.
• Build a culture of security.
• Protect company, assets, shareholders and directors.
To enhance our data security offering we’ve installed the most secure data transfer system possible.
Secure File Transfer Protocol (SFTP) is a secure version of File Transfer Protocol (FTP), which facilitates data access and data transfer over a Secure Shell (SSH) data stream. Essentially, when we set you up as an SFTP client, you have a personalised secure channel directly from your workstation to our server.
Using email for data transfer
When you send an e-mail it travels from your computer to the server associated with your e-mail account. That server doesn’t know anything about the recipient. It only knows how to look up the IP address for a mail server that does know who your recipient is and send it there. Once it knows what other server to send your message to, it opens a connection to that mail server and delivers it there.
The thing is, to get from your computer to one of ours, your e-mail may have to go via several different servers located in several different countries and may have back-up copies made along the way.
Why use SFTP?
When you connect to the DCK SFTP secure server, you create a secure and direct pathway between your computer and our server. Once this pathway has been set up, you can access our server and place your data there. Easy, direct and secure.
GDPR AUDIT SERVICE
The General Data Protection Regulation (GDPR) has introduced significant changes in data regulation. The new directive was published by the European Commission in 2012 and adopted in April 2016. Implementation will take 2 years and the regulation will come into force in May 2018.
The aim of the GDPR is to protect all EU citizens from privacy and data breaches. Under GDPR, organizations in breach can be fined up to 4% of annual global turnover or €20 million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements, e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts.
As part of our ISO 27001 programme and general business practice, DCK are currently working on a GDPR readiness programme to ensure the company and our customers are compliant with the new directive.