Cybersecurity is a hot topic. This is a brief blog on how we view CyberSecurity and Data Protection. Many small businesses are facing CyberSecurity challenges.
At MachFast we take cybersecurity very seriously. There is no perfect system, but we focused on a number of areas where we believe prudent steps can go a long way.
We absolutely refuse to collect any ‘marketing’ information that is not necessary for getting our customers the services that they want. For example, we only collect information that is required to form a company. We then send that information to Companies House. If our customer chooses to open a business current account, we send the data that is required for the business current account to our partners, CashPlus and nothing else.
We are registered with the UK’s Information Commissioners Office (ICO).
We chose a data center and infrastructure provider that the UK Government and some of the largest companies in the United Kingdom trust – Amazon Web Services. We liked the fact that they are keenly aware of various security threats and concerns that many of us have around our data privacy.
Our mobile apps have 2-factor authentication- similar to what many users will find in their banking and other data-sensitive apps. We also have thumb security technology for the iPhones and a pin-code. We took all these steps to ensure that our users operate in as a secure environment as possible when using the apps on their phones. This is a standard that the UK’s HMRC now has made mandatory for all businesses and individuals using their on-line services.
We have a £1 million CyberSecurity insurance underwritten by Hiscox- one of the leading UK insurers. Our insurance policy is designed to protect against CyberSecurity threats that may arise in the future. To help other businesses and our users, we include the 2-page summary of our CyberSecurity policy in this blog.
Generally, we view CyberSecurity as a combination of how we approach our business on a day-to-day basis and what tools, policies and procedures should we have in place that will help manage and mitigate risk.
We strongly encourage every business to register with the ICO. ICO’s guidance and information are very helpful.
In summary, there are no perfect systems, and the CyberSecurity threats change every day. At the same time, a number of basic steps can go a long way to build a protective moat around your business and your customers’ data.