Privacy Matters - What We do to Protect You
A feature of modern business is how much data we‘re forced to provide to companies each and every day. Thanks to some high profile database breaches - looking at you, Yahoo and Facebook - the spotlight is well and truly on how to protect your data.
According to an Australian Cyber Security Centre report, 90% of all businesses have been exposed to some sort of data threat, with 58% compromised at least once during 2016/17*. And things are only likely to get worse, with more information being stored electronically and cyber criminals getting smarter all the time.
So, with those facts front of mind, what does TenderLink do as a business to keep your data safe and sound?
At TenderLink we’re very conscious that our clients share all kinds of highly sensitive information with us. Our CEO Simon Bligh understands that. “As a data-driven business, InfoSec is a key priority for us,” Bligh says. “We’ve built a whole stream of work around this and it’s one of our company values. We take it seriously, because if we get it wrong we have failed in our role as safe keepers of data.” Bligh stresses that data is not a by-product: “It’s a core product and, as such, it takes priority in terms of security and integrity.”
A firewall acts as a security dome over our whole TenderLink web application. We even geek out and pay hackers to try to breach it. Every major IT project is designed with security considerations front and centre. And we regularly review our user authentication and login regimes, adding additional verification steps where required. Cool for you, because you know your data is safer, but we know it’s annoying when you get hit with the dreaded Google Captcha message process, or a message saying, "Sorry, but your password must contain a haiku, a gang sign, a hieroglyph and a sacrificial goat…"
We also have some heavy-duty people and process security regimes. Here’s a snapshot:
- Only work-approved devices can be used within company USB ports
- Weekly signed attestations as to the currency of network security patches
- Only authorised staff members can access and extract system reports including company data
- HR completes very thorough pre-employment checks on prospective staff members
- All staff are required to complete regular and ongoing data security training. That’s company-wide. No exceptions.
The bottom line
We take data security incredibly seriously. "Data security" are not just words on a wall, it’s a mission that shapes our business decisions – at every level.
For you, this means that while your data is in our system we do our best – and then a bit more – to ensure it’s kept safe. We want you focusing on your tasks, publishing tenders and winning work. That’s why we place such emphasis on having a robust system coupled with vigorous processes, so you can sleep soundly knowing we’ve got it covered.