As government-mandated data protection regulations become increasingly commonplace, the need for air-tight ICT security has transitioned from being a beneficial feature to a critical system component. International enterprises, particularly those based in GDPR-affected Europe, no longer have the luxury of discretionary security spending. If sensitive customer data is not protected, then non-compliance—and a host of steep fines—will be the result.
With over 18 years of experience in enterprise case management, iCasework is particularly well-suited to address the specific needs of large-scale enterprises. The recent launch of our on-demand GDPR case management solution, coupled with an array of security features across all of our solutions, convey our dedication to keeping your content—and your customer’s data—as secure as possible.
In today’s article we’ll discuss some of the security measures we take to ensure that the confidentiality, integrity and availability of your data is our number one priority.
We are an ISO 27001-certified company (ISMS) that is currently gaining PCI DSS certification for all platforms. Our Information Security Management System, guided by our ISO accreditation, follows a systematic approach to the management of customer information.
Remaining compliant with our ISO accreditation involves a constant effort to ensure that our cloud-based infrastructure meets or exceeds customer expectations. We use Amazon’s Cloud Infrastructure and its component services to manage our hosting and database requirements.
In terms of security, iCasework takes extra steps to ensure that your data is protected at all times. Automated backups, network isolation, fail-over automation, data replication across multiple data centres and AES-256 encryption all combine to keep your sensitive data fully protected from all potential threats.
In order to ensure the reliability of our systems, we proactively engage with an external security company to conduct quarterly vulnerability scans, and annual penetration tests, on all of our AWS platforms.
Our ISMS has a significant focus on internal processes that ensure consistency in how we deal with security issues. Our ISO-aligned policies & procedures address a wide variety of topics, such as incident reporting, acceptable use, network security, third party usage and service/business continuity.
As always, the treatment of customer data is at the forefront of all policies. For example, iCasework support staff do not access customer data as a matter of course. Only in rare cases of support or maintenance—and only after explicit permission is granted by the customer—will we log in to our customer’s platform or look at customer data.
In those rare instances, we look at the data using a remote desktop system with limited functionality (e.g., no printing or downloading capabilities). Even after access to the RDC is granted internally, the customer needs to grant UsefulFeedback access to our authorised support staff.
Behind-the-scenes, our system keeps a record of all administrative and configuration changes. All iCasework software platforms maintain a detailed audit trail that cannot be deleted or amended. This also applies to infrastructure changes, such as database server logs, application server logs and virus checking logs. Our ISMS processes include daily, weekly, monthly and quarterly routines to examine logs to proactively determine any potential security issues.
Our ISO 27001 ISMS accreditation, coupled with our upcoming PCI DSS certification, convey our dedication to safeguarding customer data while enabling your enterprise to more closely align with GDPR and other regulatory requirements. The number of threats to sensitive data, whether from malicious activity or simple internal error, pose a constant challenge to large enterprises. iCasework helps to alleviate those stresses via a multi-layered robust infrastructure and internal processes based predominantly on the stringent requirements of ISO 27001.
We look forward to telling you more about how we prioritise the security of customer data across all iCasework platforms. Interested in how UsefulFeedback can address your complaint management needs in a secure environment? Book a Demo today.
Expertise from acknowledged complaint management thought leaders
Consultative approach to solving your specific problems
Easy to use and secure with powerful integration features for rapid roll out