After a problem is fixed we learn from what happened to try to stop it from happening again. When they do, we have clear internal processes to ensure problems are quickly reported and handled by the relevant people. We make sure we test the fixes so that they don’t cause new problems.ĭespite adopting industry best practises, security problems can still happen. If we find these weaknesses, we fix them, on a priority basis.
#Sage 500 erp label expert software
We use tools to scan computer hardware and software on a regular basis to look for weaknesses that could potentially lead to security problems. We continually monitor these records so that we get early warning of security problems or other problems so we can understand the issue and fix any problems that occur. We keep records of how our products are being used and how they are performing. We store the copies securely, taking the same care over them as we do over the original data. We regularly make backup copies of our customer data so that if the original data is lost or damaged, we can replace it using the copy. Where we store data in more than one Data Centre, we make sure that the security of each Data Centre is of the same high standard. However as an additional precaution, we often store customers’ data in multiple data centres so that if one is out of action, our products will keep working. They are also built to be able to withstand fire, flood, lightning strike, power failures or other similar events. These Data Centres are secure and access is restricted to those with appropriate permission. We store and process our customers’ data in secure “Data Centres”. We make sure that we properly protect passwords and the keys that can be used to read encrypted data. We issue clear guidelines written by our security specialists for how our employees should use encryption. We often use encryption to protect our customer’ data, for example where is being sent over the internet. Encryption of customer dataĮncryption is a way of scrambling data to help keep it secure. We track and log all employees that have access to customers’ data. We only allow our employees to access customers’ data if it is needed for them to do their job, for example, to provide technical support. We apply rules to control which Sage employees can access customers’ data. We train our employees to make sure that they do not misuse our IT systems in ways that could reduce the security of the data they handle. We ensure that the protections we use are proportionate to the sensitivity of the data – more sensitive data may need extra controls. We keep a record of the data and all the software applications, computers and IT systems that handle it. We keep track of the different types of data that we handle so that we can ensure it is properly protected.
We encourage all our employees to report any information security concerns that they have using a dedicated mailbox, set up for that purpose. If an employee does not follow our information security approach we may take disciplinary action against them. We provide training on our information security approach to all our employees to make sure they understand the role they play. Our employment contracts include terms relating to information security. We ensure reference checks are carried out on new employees and for roles which are particularly sensitive we do credit and criminal records checks. Our senior executives regularly discuss information security and take accountability for security within Sage. We also keep in contact with authorities such as privacy regulators. The security specialists make sure their knowledge of security stays up to date by keeping in contact with groups of technical security experts outside Sage.
We have a dedicated team that is responsible for overall information security at Sage. Our employees are required to use these documents to understand how our information security approach applies to their work. These documents are regularly reviewed to ensure they remain up to date.
We have a set of internal documents that are used to inform our employees about our approach to information security. Our overall approach to information security Our approach to security is under continual review, so we may change any of the descriptions in this document at any time and without notice. This document contains a description of these measures to give our customers confidence that they can trust us with their data. We know how important it is to keep this data safe so we have put in place a set of protective measures, based on recognised industry best practises. We take the security of our customers’ data very seriously.
0 kommentar(er)
