data protection

Data Protection

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

Cybersecurity is a hot topic. This is a brief blog on how we view CyberSecurity and Data Protection. Many small businesses are facing CyberSecurity challenges.

At MachFast we take cybersecurity very seriously. There is no perfect system, but we focused on a number of areas where we believe prudent steps can go a long way.

Our philosophy is that our users own their data. We do not market the data and do not sell the data to third parties. In fact, unless it is absolutely necessary (to help with a service issue for example), we never see our users’ data. We have a robust Data Privacy Policy that you can review here.

We absolutely refuse to collect any ‘marketing’ information that is not necessary for getting our customers the services that they want. For example, we only collect information that is required to form a company. We then send that information to Companies House. If our customer chooses to open a business current account, we send the data that is required for the business current account to our partners, CashPlus and nothing else.

We are registered with the UK’s Information Commissioners Office (ICO).

We chose a data center and infrastructure provider that the UK Government and some of the largest companies in the United Kingdom trust – Amazon Web Services. We liked the fact that they are keenly aware of various security threats and concerns that many of us have around our data privacy. You can check out how they approach and mange CyberSecurity by clicking here.

Our mobile apps have 2-factor authentication- similar to what many users will find in their banking and other data sensitive apps. We also have thumb security technology for the iPhones and a pin-code. We took all these steps to ensure that our users operate in as a secure environment as possible when using the apps on their phones. This is a standard that the UK’s HMRC now has made mandatory for all businesses and individuals using their on-line services. You can read an article about that here.

We have a £1 million CyberSecurity insurance underwritten by Hiscox- one of the leading UK insurers. You can read about Hiscox here. Our insurance policy is designed to protect against CyberSecurity threats that may arise in the future. To help other businesses and our users, we include the 2-page summary of our CyberSecurity policy in this blog.

Generally, we view CyberSecurity as a combination of how we approach our business on a day-to-day basis and what tools, policies and procedures should we have in place that will help manage and mitigate risk.

We strongly encourage every business to register with the ICO. ICO’s guidance and information are very helpful. You can visit the ICO here.

In summary, there are no perfect systems, and the CyberSecurity threats change every day. At the same time, a number of basic steps can go a long way to build a protective moat around your business and your customers’ data.

More to explore

how to be a mumtrepreneur

How to become a Mumtrepreneur?

Between wrestling with mummy duties and finding yourself mind-numbingly bored on maternity leave, you’ll seek out new ways to stimulate yourself and

IR35 and limited companies

IR 35 and limited companies

IR35 is tax legislation targeting ‘disguised employees’. A disguised employee is someone who operates as a permanent employee for a client but

email security

Email Security in 3 Easy Steps

Email security is a pain. We keep getting spammed and reading stories in the press about email accounts being compromised. The biggest