Securing management systems has to be one of the greatest challenges for business and organisations, especially where multiple records of customer data which is held on their systems.
However, it is also the most important! Knowing who last accessed your servers and when is crucial for companies to protect data successfully. In a recent paper by ASSA ABLOY, it recommends 3 levels of security which can work together within an integrated access system.
Level 1 Perimeter security – Physical security which secures the premises in which you work and who / which employees have access including CCTV.
Level 2 Server room security – Using access control door devices, server rooms only allow access to authorised employees and technicians. Server rooms should be dust proof and should have electromagnetic security including security against other physical threats.
Level 3 Racking / Cabinet locking – Again, racking and cabinet access should only be allowed access through designated staff. This is the last line of defence in securing management systems in terms of a physical data breach.
Easyjet under investigation for vulnerabilities in securing their management systems
This comes at a time when airline easyjet reported a data breach whereby email addresses, travel details and the credit card data of 2,208 customer’s was impacted earlier this year in January 2020.
Whilst we don’t know yet if it was a physical data breach or an online attack, the UK government information commissioner’s office (ICO) has been informed and the company is now under investigation. Easyjet has confirmed that they take securing management systems and the safety and security of customer information very seriously and are doing everything they can to comply with the ICO’s investigation.
Does your business or organisation hold and manage customer data, including email addresses and personal contact details, personal data or financial records? Here at Crendon Insurance we protect companies with GDPR data protection insurance to ensure that they have they have the right measures in place in securing management systems by carrying out risk assessments in terms of EU GDPR compliance. To find out how we can support your business further please do not hesitate to contact our GDPR data protection insurance advisors.
Blogs used to write this article: