Providing a lone worker safety system comes with a lot of responsibility. Ensuring that we hold data securely, and that our systems are invulnerable to cyber attack, are key considerations for us. The operation of our entire Safe Hub platform relies on commercially sensitive information about our clients. It also depends on personal data which we need to hold on each lone worker. As a company founded on advances in information technology, we take issues of cybersecurity very seriously. In this blog we’ll look at the practical steps we take daily to keep data safe so that we can keep lone workers safe in turn.
Certified against cyber attacks
Lone Worker Solutions holds a Cyber Essentials certificate, demonstrating that we have technical controls in place to protect ourselves against cyber attacks. Cyber Essentials is a government-backed, industry-supported scheme which aims to encourage organisations to develop cyber security systems. Operated by the National Cyber Security Centre (NCSC), Cyber Essentials encourages organisations to adopt good practice in information security.
We work closely with a specialist security supplier. They undertake regular platform penetration tests, independently verify our Cyber Essentials certificate, and provide and monitor our web application firewall. This company act as our early warning system on the latest security threats, recommending changes and updates where required. What’s more, to test vulnerabilities of the Safe Hub platform, we undertake a number of comprehensive tests before releasing software updates. Using an industry-leading software vulnerability scanner, we’re constantly alerted to the latest threats and vulnerabilities.
Holding personal data in compliance with all regulations
Much of the data that we need to operate Safe Hub is commercially sensitive information about our clients. But we also hold potentially sensitive information about our clients’ lone workers. This is so that we can establish escalation protocols in the event of a worker raising an alarm. This may include such information as medical conditions and family relationships, in order that any emergency response is appropriately tailored to the individual in question. As well as Cyber Essentials security controls, we have robust processes to ensure strict compliance with GDPR and ISO27001.
The Safe Hub portal which holds customers’ user data resides in a secure, UK-based, ISO27001-compliant data centre. All the data is protected via clustered firewalls, Microsoft System Centre Endpoint Protection and Web Application Firewall. We deploy dual endpoints to reduce the possibility of a total system failure. To improve performance while providing a high level of data security, we currently deploy Column Level Encryption on the SQL cluster for all personal data.
Backing up and amending data mitigates the risk of cyber attack
One vital element of cyber security is regularly backing up data. Not only does this mitigate the effects of any cyber attack, but it can itself highlight vulnerabilities. We carry out backup of data daily. We then re-encrypt the data, before sending it to a secure off-site repository provided by a specialist data backup company. We keep three months of backups to allow us to restore to a previous data point if required.
For Safe Hub to work properly, we also need to make sure that personal data is regularly updated in the event of changed circumstances. That way, our escalation protocols can provide the appropriate help at the appropriate times. Through system integration, we can seamlessly implement procedures to automate tasks such as database management, making it simple to capture data for joiners and remove data for leavers. We set great store in our fully managed service approach, to minimise the administrative burden on our clients. Our service desk can process any changes to data (including joiners, leavers, or amended details) within hours.
Ultimately, we’re here to keep lone workers safe. And our clients can rest assured that our commitment extends to keeping their personal and commercial data safe too.
Contact Lone Worker Solutions and the Safe Hub team today to find out more about our approach to cybersecurity and our Cyber Essentials accreditation.
Call: +44-(0)161 885 2122
Post by Steve White
Steve is Chief Technical Officer at Lone Worker Solutions (LWS). He works closely with the technical development team and all LWS clients to ensure the effective deployment of Safe Hub. This guarantees the correct integration of Safe Hub with existing and legacy systems, its appropriate scalability, and the efficient operation of systems.