Running an organisation comes with a lot of responsibility. From keeping clients and customers safe on your premises to ensuring that their personal information is secure, there are obligations galore. You have to do the same for the staff you employ on a day-to-day basis – and that duty of care remains if they’re working alone or remotely off-site. Here at CAS, we can offer our support in helping you to meet your moral and legal requirements. In this blog, we’re going to look at steps we take to enhance physical and cyber security across all our document storage and facilities management services.
Physical security is vital, at your premises and at ours
At CAS, we continually strive for the highest levels of physical security, both on-site with you and at our state-of-the-art warehouse facilities. All our document-handling staff have been through the Disclosure and Barring Service (DBS) checking process. Whether we’re on-site with you to catalogue your documents, or to remove documents to be shredded and recycled, you can trust us to keep clients’ and employees’ data secure. And if you use us for off-site live-file document storage and archive storage, we have a dedicated fleet of GPS-tracked vehicles for transport to and from our storage facilities.
Our warehouse facilities themselves have gated perimeter fences and are monitored by Mobotix M12 CCTV cameras. Entry to all buildings at our facilities is managed with advanced Suprema BioEntry fingerprint IP access terminals. Security systems operate 24/7/365, so at this time of year in particular, you don’t have to worry about festive breaks. We have installed environmental controls, advanced optical fire beam protection system, and air-quality monitoring throughout. And we have a range of ISO certifications to provide you with added peace of mind.
Data protection law makes cyber security vital
As a market leader in document and data management, CAS works hard to help its clients meet GDPR data protection requirements. We take all these steps to ensure that our services are compliant with GDPR. But we can also point you in the direction of help to boost your internal security systems. The National Cyber Security Centre publishes guidance and regular updates on a wide range of cyber security topics. Meanwhile, the Information Commissioner’s Office outlines the systems you should have in place to meet data protection requirements.
There’s a big incentive for you to make sure your organisation complies with the GDPR. An organisation which fails to report a notifiable breach of data protection could be fined up to EUR10 million (£9.0 million) or 2% of its global turnover. That means you have to know when to destroy documents. We’ve compiled a handy schedule for document retention, which you can find on the Knowledge Base section of the website. This is designed so that you and your staff are aware of what needs to be kept, for how long, and why. And we can help with destroying any material that you no longer need, whether that’s shredding documents or disposing of obsolete IT equipment and the data they hold.
We practice what we preach when it comes to backing up data
Step number one to enhancing cyber security is to back up your data. If you have a backup you can reboot your system to a point before a virus attack. The more frequently you backup, the less data you’ll lose by restoring to an earlier point. Your backup should be stored away from your principal system. If you don’t have a backup and have been infected by ransomware or another virus, you should stop using the system. Contact your IT provider, as they may still be able to recover some data. But act quickly – the longer you continue using your system, the more it reduces the chances of data recovery.
We ourselves continually strive for the highest levels of cyber security. CAS’s fully accredited IT services and support partner, Promentum Ltd, routinely undertakes full scans of our network. They operate in accordance with ISO/IEC 27001 compliance. They use GFI LanGuardTM, the predominant network security scanning tool, which can remedy vulnerabilities and install missing patches on networks.
Meanwhile, CAS servers run on an uninterrupted power supply, and are backed up daily using advanced Quantum RDX Data Tape. Each day, we swap cartridges over and secure the tape in a Turtle RDX 10 padlocked case. We then remove this waterproof and double-walled case to another building within our secure gated compound. We place the case in a securely locked Profile NT Fire 017 fire-resistant cabinet.
We take our obligations towards physical and cyber security seriously. That way, we can offer a service that helps our clients meet their own obligations towards their clients, customers and staff members alike. With GDPR in place, the stakes for organisations handling personal data have never been higher.
Contact CAS today to find out how we deliver services that enhance our clients’ physical and cyber security.
About physical and cyber security in CAS’s document storage and facilities management services
CAS provides comprehensive and secure services for businesses in Chelmsford, including document storage and management. For more than 20 years, CAS has worked with NHS Trusts, Financial Services providers, and corporate and private clients. Our head office is just four miles from the City of London, supported by our advanced storage centres across the UK. CAS has an impressive array of International certifications (ISOs), which prove our compliance with the strictest national, European and international laws. They also demonstrate our commitment to provide innovative systems on security, confidentiality and quality control in keeping your files safe and well managed.