Cloud Best Practice Firm
We are a Practice Protect™ certified firm. This certificate includes, but isn't limited to the usage of Practice Protects™ cloud access technology system that can:
- Restrict remote access to specific locations and/or block overseas access to our systems;
- Track and monitor attempted access to our systems and identify suspicious access;
- Log usage in an audit trail and retrospectively determine the suspected source of a breach to report to authorities. With this tool we can see what applications were accessed, when they were accessed and from where;
- Terminate user access to all sensitive cloud applications by disabling a single user account;
- Remotely wipe mobile devices in the event they are breached, lost or the user associated with the device is terminated. We are able to restrict access to reasonable times such as business hours;
- Share access to applications using a single user ID without having to divulge cloud app passwords to staff;
- Require only one single password to all sensitive applications for staff to remember, decreasing the risk associated with ‘password sprawl’;
- Apply two step authentication (2SA) to access all sensitive applications (not on an application by application basis);
- Centralise our identity systems so that access to desktops, servers and browser-based cloud applications are accessed via one single identity.
Add a role here
We also have access to policy documentation through Practice Protect™ that:
- Educates and sets expectations on staff in relation to best practice for password and access management;
- Governs interactions with third parties such as IT contractors or outsourcing providers and what occurs should there be a breach of our data security policies;
- Makes clear how we manage client information;
- Lays out the steps for responding and communicating in the event of a data breach.
This cloud best practice certification reiterates our firm’s commitment to be responsible data custodians.