Data Security

In the rapidly evolving digital landscape, data has become the lifeblood of businesses and individuals alike. From sensitive personal information to valuable intellectual property, digital data is at the core of everything we do. However, as we are now all aware, the risks of data breaches and cyberattacks have escalated significantly and continue to do so. Therefore, it is crucial to address the importance of data security and the measures we can take to protect our information.

At Risk & Security Management (RS), we understand the importance of data security and have implemented a range of security controls to safeguard the information of our clients, contractors, staff and other stakeholders. We employ a multi-layered approach as there is no singular one size fits all solution when it comes to cyber security. Some of our security controls include:

• Hybrid on-premises and cloud storage approach;
• Incremental backups streamed to multiple disaster recovery sites in addition to offline backups;
• Detailed data retention & segmentation policy and procedures;
• Firewalls deployed at all RS sites featuring a comprehensive gateway security suite as well as content filtering;
• Our AIMS portal is also segregated behind a DMZ and protected by a Web Application Firewall (WAF);
• Security information and event management (SIEM) vulnerability protection through endpoint protection on all RS devices, vulnerability scanning and detailed system logging monitored by an external security firm;
• Annual penetration testing with an external ?CREST certified supplier;
• Adherence to ISO 27001 standard with final stages of certification under way;
• PCI Data Security Standard attestation of compliance;
• Monthly SOC meetings with our outsourced security consultants;
• Multi-factor authentication;
• Industry-standard encryption protocols to protect data both in transit and at rest;
• All RS applications are coded to OWASP standard;
• A detailed security assessment is undertaken on all third party technology suppliers prior to use and on an ongoing basis; and
• Continual review of all security policies and procedures.

Another key aspect of our data security measures is our backup and disaster recovery processes. In the event of a disaster, such as a fire or flood, we have a detailed plan in place to ensure that our clients' data is safe and can be recovered quickly. We also conduct regular security training for all employees to raise awareness of potential threats such as phishing attacks, malware, and social engineering. This helps our employees to identify and report any suspicious activity promptly. Finally, we also conduct regular security audits of our systems and processes to ensure that they remain up-to-date and effective against new and emerging threats.

In conclusion, data security is a top priority at RS, and we have implemented a range of measures to ensure that our stakeholders’ data remains safe and secure. By taking a proactive approach to data security, we can provide you with the peace of mind that you need to entrust us with PII and sensitive information.

Should you require any further information, contact our Senior Relationship Manager Alex Caruana at [email protected]