Tag Archive for: UK hosting

Confusion reigns regarding responsibility for data protection compliance

/in , , ,

A recent survey suggests that there is still a good deal of confusion regarding responsibility for data protection compliance. Given that the UK adopted the EU GDPR into the Data Protection Act in May 2018, this reflects the general lack of awareness among many organisations today.

This survey also indicates a lack of clarity over whether cloud-based information management services offer better or worse protection that traditional on-premise storage. The answer of course is that the level of security and therefore protection depends on which cloud service provider is involved. Safe4 has an unblemished record of secure service provision, with an availability record very close to 100%. Not all cloud service providers can offer this.

Safe4 has also clarified the different roles and responsibilities relating to data protection in their Data Protection Policy – click here for more details. Safe4 does not claim ownership of any data that is stored within its system, and thus acts as the Data Processor. Customers own their data and have responsibility for any information that is placed in Safe4, and therefore are Data Controllers.

Adding to the benefit of using Safe4 for information storage is the fact that Safe4 only uses UK-based hosting services accredited to ISO 27001. Together with enhanced password strength management and 2-factor authentication, Safe4 provides a platform for its customers to be confident that the system will support their own Data Protection compliance programme. No cloud service provider can make its customers compliant with the Act however – ultimate responsibility lies with the Data Controller to ensure that their own information security policies and practices are enforced. The vast majority of data security breaches are caused by human error or poorly trained employees.

For more information on how Safe4 can assist your data protection compliance programme, please contact us.

Invoice fraud still a major threat

/in , , ,

In December 2018 Safe4 published an article highlighting the increasing instance of invoice fraud in the UK. This is not just a UK issue – criminals across Europe are defrauding businesses of huge sums by intercepting emails and changing the bank details on invoices.

Invoice fraud remains a major problem

Further evidence of invoice fraud was published yesterday on the BBC website. Again, the use of email was highlighted as one of the most prevalent means of getting a customer to pay the funds rightfully due to their supplier into a fraudulent bank account. in 2018 3,280 cases were reported, although it is likely that the actual number was higher. In total at least £93 million was stolen through invoice fraud.

There is a solution …

Safe4 provides a secure means of transferring information of any kind between businesses of any size and type. Use of UK-only data centres accredited to ISO 27001, comprehensive audit trails, and industry-leading encryption techniques radically reduce the risk of fraud, and thus the potential for incurring significant financial losses.

Please get in touch with us if you would like to ensure that your business does not suffer from invoice fraud – we will be delighted to assist you.

GDPR compliance – what will it mean for you?

/in , ,

Most of us now are receiving a barrage of email relating to the need for GDPR compliance in our inboxes.  Consultants, assessors, seminar organisers, and a host of others are trying to get our attention in advance of the date when the General Data Protection Regulation comes into force in May this year.

Some of this communication is helpful, but the majority seems to be opportunistic.  It is refreshing to come across a realistic and well-considered article that highlights the simple facts about GDPR – there is no magical solution to make any organisation compliant, just the realisation that the only effective approach lies in a thorough review of the information that is being used, who uses it, how it is managed and transmitted, and what protection measures have been taken to safeguard it.

Safe4 can help to support GDPR compliance

Every organisation, of any size or structure, will have to make sure that its information management house is in order to become compliant with GDPR. No IT system can perform this service, but a compliance programme will be more successful if it is underwritten by applying technology that allows the necessary processes to be properly implemented. We at Safe4 are making some minor changes to the way the system works to make sure that it will offer full support for GDPR. But the responsibility for achieving compliance will still lie with the organisation itself, and how it manages its own activities.

We will be publishing further information about the changes that the Safe4 system will undergo in the coming months. The basic design and architecture of Safe4, as well as other factors including UK-only storage in ISO 27001-accredited data centres, full encryption of data, no reliance on email to carry confidential information, a full audit trail of all activity, and contractual arrangements under English law already provide an effective platform for ensuring best practice in the management of information.

For more information on how using Safe4 can assist your organisation to comply with GDPR, please contact us.

VaultConnect appointed as Safe4 distributor

/in , ,

 

As part of the market development programme being undertaken by Safe4, VaultConnect of Manchester have signed a distribution agreement enabling them to offer the highly secure Safe4 information delivery and storage service to professional practitioners across the UK.

Although based in the north of England, VaultConnect will operate nationally and have established opportunities to provide the Safe4 service to organisations in all parts of the country, in sectors such as legal, accounting, financial services and more recently art galleries.  All of these organisations manage highly confidential information on behalf of their clients, and all have the responsibility of transferring funds to and from clients and other parties as business is being transacted.

Steve Edge

Richard Higginbotham

VaultConnect was formed by Steve Edge and Richard Higginbotham, both of whom have decades of experience in sales and digital marketing of software-based solutions.  One of the first areas that VaultConnect will be addressing is the activity of property conveyancing solicitors, who are responsible for transferring significant sums of money between clients and the other parties who participate in property transactions, such as estate agents, mortgage lenders, and other law firms.  Steve Edge believes that “Safe4’s platform enables us to solve a real issue for professional service firms who need to share sensitive information with clients and partners. Conventional email is increasingly seen as an unsafe way to transmit information because it’s easy for fraudsters to intercept. Emails can then be impersonated or impregnated for commercial gain.”

Steve also feels that “Safe4 enables us to realise the mantra ‘don’t transmit, VaultConnect’; we help our clients enjoy the convenience and efficiency of email without the risks. Unlike products that are charged on a per user basis, we are able to make a compelling commercial proposition to our target markets.”

GDPR is coming …

Ben Martin, a director of Safe4, is delighted to be working with VaultConnect.  “This relationship brings an exciting opportunity for Safe4, to enhance our ability to engage with new customers and deliver secure high quality solutions in conjunction with the proven expertise of Steve and Richard in the professional practitioner sector, where the benefits from using Safe4 are immediate.  We welcome their commitment to address these vitally important sectors. With GDPR on the horizon it is becoming more important than ever to ensure that all client information is being handled as securely as possible, and using Safe4 satisfies this requirement and brings a competitive edge to professional practitioners of all types”.

For further information please contact us at Safe4, or Steve and Richard at VaultConnect.

Met Police see ransomware as the biggest cyber-security threat in 2018

/in , ,

A series of global ransomware attacks in 2017 have reaped millions of dollars in rewards for criminals who have penetrated unsuspecting users’ IT systems and encrypted their data. In the UK, the National Health Service was one of a number of high-profile victims of such attacks.  According to London’s Metropolitan Police, ransomware looks likely to be a major threat again in 2018. Ransomware cannot prevent access to data stored in Safe4, as indicated in previous articles on this website.

In an article published in The Times newspaper today, the need for managing personal information is highlighted even more strongly. Theft of identity, and with it money, has become such an enormous issue that more and more of us are likely to be at risk through insecure management of our online activities. Using clever apps or devices on mobile phones or computers will obviously help; however using secure online services to deliver and store critical personal information will give the greatest level of protection to businesses and their clients alike.

Safe4 has been rated among the most secure 0.8% of sites on the Internet by independent agencies, out of more than 1.5 million tested. Using the Safe4 Asset Register to handle personal details for a wide range of online activities offers a unique facility for holding both confidential documents and individual elements of data, such as personal identification details. All data held in Safe4 is stored in UK-only data centres accredited to ISO 27001. Please contact us for more information.

US / European Privacy Shield progress has stalled

/in , ,

The recently-appointed US administration has put a hold on recruitment in many branches of the government, including the appointment of an ombudsman for dealing with data privacy issues. Transfer of personal data between the US and other jurisdictions is a complex subject, and will need careful treatment as the discussions relating to the new agreement unfold. Click here for more information.

The safest way to avoid the issues relating to the movement of any confidential information across international boundaries, including personal data, is to host it in the UK. This policy was adopted by Safe4 in 2010, and has remained a fundamental pillar in the company’s information security strategy ever since. For a large number of professional practitioners in the legal, financial, insurance, property and medical sectors, Safe4 provides a secure and effective information delivery and storage service based on UK storage in ISO 27001-accredited data centres.

If you would like any further information on how Safe4 can assist your business, please contact us.

Another record month for Safe4

/in , ,

February 2017, in spite of being a short month, has been a record month for Safe4, with the highest number of new user sign-ups achieved so far. Safe4 customers are continuing to enjoy the benefits of secure document delivery and storage, and are sharing this with their clients and other business contacts in ever-increasing numbers.

As well as record growth in February, Safe4 also achieved another month of 100% availability in January 2017, as confirmed by independent monitoring services. It’s good to know that the information held in Safe4 is being securely stored in the UK in ISO 27001-accredited data centres, and even better to know that it is always available to authorised users when it is needed.

For more information on how Safe4 can help your business, please get in touch. We would be delighted to hear from you.

UK Watchdog makes some cloud service providers think again – it’s about time!

/in , ,

The UK watchdog, the Competition and Markets Authority, has decided to crack down on some of the biggest names in cloud data services by enforcing a stipulation for fairer and more transparent contracts. By recognising the the need for improvements in the contractual terms that the major providers offer, the CMA has given a boost to the protection that users of these services can expect. Click here for more detail.

The majority of them, of course, are still opaque as to where their data is stored. Even those that claim to hold their customers’ data in the UK are still very vague as to whether backups are held exclusively in the UK, or shipped to overseas data centres where capacity may be more readily available or less expensive. If data is moved outside the United Kingdom it can fall under the jurisdiction of countries whose data privacy laws do not offer the same level of protection.

Since 2010 Safe4 has provided a highly secure UK-only data storage service, making use of ISO 27001-accredited data centres. As well as levels of security and availability that are among the best in the industry, Safe4 customers enjoy the certainty that their data does not leave the UK. And Safe4 has not needed a market watchdog to enforce the offering of fair and transparent contractual commitments to its customers. Contact us for more information.

US may be set to change data privacy laws – again!

/in , ,

The Safe Harbor data privacy agreement between the US and the EU was deemed to be ineffective in 2015, and was subsequently replaced with a Privacy Shield arrangement – which is still considered by many to be inadequate. Recent announcements by the new US administration suggest that the internal data privacy laws in the US will be subject to further change, affecting those who are not US citizens or permanent residents in the US. Please click here for more background on this development.

Safe4 decided back in 2010 that all of the data held within its secure document delivery and storage service would be stored in UK-located data centres, accredited to ISO 27001. This offers maximum protection to our customers and their clients, employees, suppliers, partners and associates. Reliance on US-hosted data storage could be seen to carry unnecessary risk of misuse or disclosure of personally-identifiable information, hence the benefit of keeping all stored data onshore within the UK.

For more detail on the measures that Safe4 applies to keep information secure, please contact us. We would be very pleased to speak with you.

Personal email systems still being used to carry confidential information

/in , ,

It is no major surprise to learn that a major email service provider has been hacked – again – and that millions of people have had their personal information exposed to criminals. This is highlighted in an interesting article in The Times, published today.

What is still very unfortunate, however, is that a large number of professional practitioners in the UK are still failing to acknowledge that email is the leading source of computer crime and online fraud. Time and again personal financial information is being passed between lawyers and their clients, in residential property transactions for example, using the client’s personal email account. Repeated examples of these emails being hacked and bank account details being changed have not deterred some high-profile UK law firms from continuing this practice, irrespective of severe financial losses being experienced by their clients.

Also worrying is that it is common practice in some firms for lawyers and others to send confidential documents to their own private email accounts so that they can be worked on outside business hours or away from the office.

The Safe4 service was launched in 2010 to offer a highly secure alternative to email, not just for document transfer, but also for medium-term or permanent management of information. Based on UK-only storage in data centres that are accredited to the ISO 27001 international security standard, Safe4 offer a service that complies with the Solicitors Regulation Authority guidance on the use of cloud computing. Accessible at any time, from anywhere, it eliminates the need to trust confidential information to high-risk systems.

For more information on how Safe4 can assist your firm to minimise the risk of information loss or interception, please contact us.