Online crime is growing at an alarming rate. According to the Hiscox Cyber Readiness Report, the number of organizations affected by cyberattacks rose from 41% in 2018 to 61% in the first half of 2019. Ransomware attacks aimed at businesses are also on the rise. This article in PCMag notes that an antivirus firm, "... noticed a 363 percent year-over-year increase on ransomware attacks targeting clients running its business software.” This can spell disaster for an enterprise that’s caught unprepared.
The natural response from businesses is to curtail their use of advanced information technology services for fear of that service being hacked and exposing them and information about their clients and employees. This McKinsey Digital report notes that for many business executives, “mitigating the effect of attacks often requires making complicated trade-offs between reducing risk and keeping pace with business demands…”
As a Risk Manager, you are the individual most responsible for protecting your firm against all forms of risk, including natural and manmade disasters, as well as cyber attacks. So you want to be sure that the companies you do business with are doing their part to protect themselves, and the information you share with them, from exposure, loss or damage.
This is why PlusTrac™ has taken steps to ensure your data is protected. Here’s how we’re ensuring your information is safe:
PlusTrac™ Data Security
Commercial-grade data storage
Our data center is a safe distance away from our operations, mitigating risk should a catastrophic event occur at our main location. It is designed with the following in mind:
- Cutting-edge physical and network security
- Disaster recovery options
- Many tools for environmental control, such as smoke detection and redundant cooling
The center is also SSAE SOC2 compliant. SSAE stands for Statement on Standards for Attestation Engagements. As this Atlantic.net article explains, it refers to the regulations that require companies to provide a written report that "describes any and all controls at organizations that provide services to customers when those controls are likely to be relevant to user entities internal control over financial reporting".
SOC2 is an additional report that "focuses on controls at a service provider relevant to security, availability, processing integrity, confidentiality, and privacy of a system. It ensures that your data is kept private and secure while in storage and in transit and that it is available for you to access at any time."
In addition to SSAE SOC2, our data center also complies with anti-terror force protection codes with:
- Full-time onsite armed security
- Video surveillance and monitoring tools
- Biometric security controls
- Mantrap access control
Access to our data center (and data) is controlled
In order to gain physical access to the data center, authorized personnel need a photo ID, hand or retinal biometric scan, and be accompanied by a member of staff. Visitors also need to surrender a TSA-approved ID to access the facility.
Strict access control is not only physical, but also virtual. Customer data is only available to those with approved usernames and strong passwords. If a user wants to edit data, they must have the relevant level or permissions. Finally, a Cisco ASA 5510 firewall provides an additional layer of protection.
Regular data backups
Our entire database is backed up daily, so any AED data can be restored when needed.
We believe that support should be available from any location with internet access. Our support files are stored on the cloud, and our VoIP system ensures you can reach us easily.
PlusTrac™ takes data security seriously
It’s our commitment to you and your data security that drives our investment in these technologies. We’re working around the clock to protect not only your data, but also the lives of you and your employees with our AED management program. So, what does this mean to you? It means that you don’t have to worry about sensitive data loss or exposure when you use our system. Click here to see how our AED management program can help you.