All websites and applications hold some kind of personal information about their customers, and your business will be no exception. More than ever it is vitally important to make sure that the data your customers trust you with is as safe and secure as it can be.
While every digital agency will tell you how they understand why security is important, Headland developers have over 15 years of experience in developing secure financial systems, having designed and built the UK’s first general-purpose bill payment system back in 2002. Originally built for Girobank, the system is still developed and supported by us today with over 200 local authorities and services relying on the technology for payments, every minute of every day.
At Headland we employ our own security guidelines, taking into account our vast experience over many years of technological changes, covering vulnerabilities such as cross site scripting, SQL injection and the importance of the contextual validation of all data.
But more importantly, we can back up our security credentials with the Government’s Cyber Essentials Plus security standard, and FSQS accreditation.
This is effectively a security standard set by the Government as part of the National Cyber Security Strategy.
Unlike the simpler Cyber Essentials scheme, the ‘Plus’ is a fully manually audited accreditation where a security specialist visits the business premises to penetration test and confirm the following:
Like FSQS, the Cyber Essentials Plus accreditation is applied for yearly to make sure our security systems are always up to date.
The FSQS accreditation mark is valued by some of the largest purchasers in the financial industry. It indicates a successful audit process and demonstrates Headland’s commitment and credentials to the industry.
The FSQS auditors check more than 12 areas for compliance, including our approach to financial stability, IT security, fraud, GDPR and responsible business governance.
The accreditation is accepted as part of the pre-qualification process by 18 major banks and insurance companies including the Bank of England, Santander and Lloyds Banking Group.
The FSQS accreditation is updated yearly to make sure we keep up with all new legislation and security methodologies.
With online fraud on the rise, it’s very important for a company to make sure that systems are in place to intercept any fraudulent attempt to fraudulently access our data or to gain financially by deceptive means.
While we employ the standard automatic detection systems for emails and access controls, by far the greatest way to succeed in the prevention of fraud is to make sure staff understand the means by which fraudsters work their trade through false representation, failing to disclose all information and abuse of position. Therefore, all our staff undertake fraud awareness and prevention training annually.