The identity of a client is always confirmed by staff before providing any personal data or taking instruction over the telephone.
All staff are responsible for ensuring that any personal data which they hold is kept securely and that personal information is not disclosed either orally or in writing or otherwise to any unauthorized third party.
All staff have access to system and shared drives which contain general documents. Access is restricted for sensitive documents as appropriate and which are password protected.
Access to IT system of the company is restricted to staff based on their job profile. Staff access is reviewed and amended as and when necessary.
The use of company laptops is restricted to specific individuals for the purpose of client presentations only. All individuals permitted to use laptops are aware that these must be used and secured appropriately. Following measures must be adhered to ensure safe keeping of laptops and data it contains:
Ensure that the most up-to-date virus and malware protection products are installed
Always use a strong password to protect your computer
Use a password protected screen-saver
Avoid leaving your laptop unattended and unsecured
If leaving your laptop in a hotel room, use the room safe or lock it securely to an immovable object
Do not connect laptops to any public network (public WIFI networks)
If your laptop is lost or stolen, contact the IIB office for assistance
The Insurance application will be accessed through encrypted htttps:// pages. User credentials will be stored in a secure local database and login will be through secure domain authentication.
Data will be stored at a local server located at IIB office. This will be located in dedicated server room. As part of contingency plan in case of catastrophic event, data will be backed up real-time basis in a separate dedicated server by IIB.
All servers, desktops, and laptops, would be secured by McAfee anti-virus protection.
SonicWall Total Secure UTM for Internet Gateway Security to protect the entire network.
Veeam Backup and Replication for Scheduled backups of all servers and user data.
Each computer held onsite can only be accessed by a password which is individual for that person. We do not use a ‘common’ password. Where a member of staff leaves the company, their access is suspended. Employees are encouraged to set up password as per following guidelines:
Be at least eight characters long
Passwords may not contain words found in a dictionary
Must NOT be anything easily associated with you (for instance, information someone could learn about you from Facebook) such as
Your user id
Your phone number
Your pet’s name
Friends or family member names or birthdays
Any other information that can be easily found about you
Must include three of the following four elements
Upper case letters
Lower case letters
Must not be shared with anyone, including your colleague(s).
An anti-virus protection package is installed on all computers held onsite, which provides daily protection against viruses.
Staff are required as best practice to lock their computer when they leave their workstation.