Covid-19 Data Security Measures

  • All of our staff receive regular training on data protection and information security – we have home-working guidance which all staff have to sign. This reminds them that they have to keep your information confidential and provides practical ways to do that when working from home.

  • All staff must read our security policies, standards and procedures and these are available to staff at all times.

  • Our staff access our systems through a Virtual Private Network (also known as VPN) with multi factor authentication - this is a technical control to prevent unauthorised access to our data and systems.

  • Staff are unable to use removable media and printers - only authorised staff can transfer information from their computer to USB memory sticks and no staff can print at home.

  • Staff are only able to access the websites they need to do their job – they can’t access personal email or file sharing sites.

  • All staff computers are fully encrypted with industry standard encryption.

  • We use data loss prevention tools – these automatically block unauthorised sharing or emailing of confidential information.

  • We have anti-virus and anti-malware software – this is on all staff computers as well as protecting our email and internet systems.

  • We use email filtering – emails are scanned to stop our staff getting phishing and spam emails.

  • We monitor access and changes to files – this includes logging all access to customer data.

  • Our security operations centre monitors our security systems 24 hours a day, 7 days a week. They make sure our systems are operating correctly. They also monitor for unusual activity such as misuse of company devices or anyone trying to transfer confidential information.

  • We comply with the Payment Card Industry Data Security Standard when we take card payments.

  • Lowell Group is ISO27001 certified – this means that our Information Security Management System meets the international standard.