While standards and compliance might be a tedious subject, in a profession so reliant on trust, they are essential components for us all to operate effectively. Failure to observe them quickly makes business very interesting!
Believe it or not, even in a technology company serving insurance, culture comes first. It’s attitudes and behaviors that make the company. How we think, how we react and what we do instinctively are vital to our success. As a creatively minded business, though we prize ingenuity, quick thinking and agility, it turns out that boring but essential process often counts for more.
That is why we hold a certificate of conformance to ISO27001—its ideas are part of our culture.
The principles that underlie such standards—in this case for information security, but they apply equally in other spheres—are the core of our approach. Familiarity with effective procedures strengthens them, making a priority of good practice. These things become bound into corporate culture, like the ethics that underpin service, and by creating consistency are the foundation of relationships and value.
Standards are good for culture, and good for clients.
For WCL to be sustainable, trust is fundamental. Information security and integrity are central to maintaining confidence in our services and ensuring continuity in our clients’ business. Clients pass their information through us whether for transfer, processing or both, and everyone relies on its secure, accurate and timely handling.
The ISO27001 standard provides a touchstone for handling data securely throughout the business. It sets out the requirements for an information security management system to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.
Implementing the standard is often seen as a response to legal requirements such as GDPR or to security threats like cyber-crime, data breach, fire or loss and misuse. Adopting standard such as ISO 27001 has never been about ‘box ticking’, it validates and formalises procedures already in place. Certification for WCL is mainly the latter and acts a source of confidence in the strength and resilience of our services.
WCL has consequently strengthened its approach to security by design. Employing the principles of confidentiality, integrity and availability, it approaches every development project and client engagement robustly. Such resilience is an essential today and creates a foundation of trust that increases confidence in service provision.
In an era of increasing cyber-crime, and of intense scrutiny of corporate safeguards, every business is obliged to provide greater protection for its data and for anyone whose information it holds. To adopt new processes in data processing or management, every organisation must be able to trust its supplier/partners fully.
And then there’s the sting in the tail. Companies that fail to implement sufficient safeguards and become the victims of a data loss fave ever greater fines under GDPR and DPA 2018. Last year BA was fined £183m, Marriott £99m. Even the Crown Prosecution Service is not above the law, having to repay £325,000 after losing track of unencrypted DVD’s containing police recordings. Such financial punishments are hard enough to bear, and are inevitably compounded with in depth media coverage and wider reputation damage.
By implementing ISO27001 and formalising processes for security management, WCL is able to demonstrate the strength of its commitment to security and increase confidence in the reliability of its people and systems.
With greater reliance on measure upheld by WCL, companies can be more confident in outsourcing data storage and processing with SaaS applications. In the long run that opens more opportunities for operational efficiency and wider downstream benefits.
For more information about our services, about our approach to information security, or to begin a conversation—confidential or otherwise—please contact us.