No, we have not been subject to a breach to date.
We have system wide endpoint protection that protects all of our workstations and servers from viruses, malware, ransomware and any other malicious code. We run an enterprise grade firewall that allows us to monitor and prevent access to potentially dangerous sites. In addition to this, we also have email anti virus that checks all messages […]
Yes we have a procedure in place in case of a data breach. This information has been provided in the Governments Cloud Software Services for Schools Guide https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/644845/Cloud-services-software-31.pdf which links to our internal document here https://www.bsquared.co.uk/downloads/B%20Squared%20Ltd%20Self%20Certification%20-%208th%20Nov%202016.pdf
Access permissions are checked regularly and also as part of any job role change within the company.
All staff our bound by a confidentiality clause in their contracts along with additional anti-bribery enhancements to contracts of employees with root access to systems. This ensures that staff are bound during and post employment with us. We also have the additional benefit of being on a ListX Secure site which requires all of our […]
We have an internal Information Security Policy which we review annually. This policy drives how we secure our own systems and our requirements for any 3rd party companies we may use to process the data which we are controllers for. This document is not available to view externally however we do have alot of information […]
We do not currently hold an ISO27001 certification however we do conform to many of the requirments. We are looking at moving to an ISO27001 certification in the future.
We use several methods to monitor employees internally from event log management and aggregation to endpoint detection. These are reviewed regularly as well as alerts in place to flag unusual activity.
Once the Data Retention Policy indicates that a schools data is no longer able to be stored on our servers, we start by deleting from our databases the sensitive records. This action then renders any remaining non sensitive data into an orphaned state which becomes unusable. We have a cleanup tasks that then systematically deletes […]
We operate at a 99.9% uptime guarantee however we have exceeded this over the last 2 years. We constantly monitor our servers and their load to see how it is increasing over time. When we deem it necessary, we introduce new servers in advance of there being a capacity problem. We also look at ways […]