Prioritising protection of your data.

Prioritising protection of your data.

Our approach is two-fold.

At FYLD, we keep both employees and end users safe and secure.

Top tier certification

FYLD obtained ISO 27001 in 2021, and has recently added Cyber Essentials to our Security Certification stack.

Since our conception, we have collaborated with external consultancies to implement best practices for data protection.

Awareness and training

When an employee starts their journey with us, data protection training is taught in week one. We prioritise data protection training because our belief is that humans play the biggest role in protecting data and information, both keeping them private and secure. FYLD partners with Trainual to supply and audit training.

Our lunch and learn sessions are often used for practical tips. A recent agenda included:

  • Three ways to send data securely
  • Three new ways to keep your laptop secure

Each FYLD employee is accountable to learn and implement measures they put into place and is expected to keep a healthy list of data protection actions. This is tracked monthly by our Chief Operating Officer (COO).

 

Access control

FYLD operates with a “need to know only” system, whereby access to Personally Identifiable Information (PII) and confidential information is available to access by named employees only. FYLD has audit trails where appropriate for access management.

For our product, FYLD end users can gain access using strong credentials or 3rd party integrations such as OKTA. End users that are not active will be removed for further protection.

Asset management

Our laptops are high-grade machines which come with a custom-built package comprising a variety of automated elements. This ranges from automated, high-security passwords to screen privacy filters. Our hardware can be wiped and managed remotely by our IT team.

Using AI for data protection

FYLD has recently upgraded our communication systems. These systems now include AI which will detect cyber threats and trigger automatic training if any employee clicks on unexpected links or attachments. This activity is conducted in partnership with Iron Scales  and reduces FYLD risk to phishing, malware and viruses.

3rd party and FYLD suppliers

FYLD has logged every 3rd party we work with, signed up to additional clauses and will only allow 3rd parties to work with us if they pass our supplier sign-up via Functio. FYLD will not work with 3rd parties that do not pass supplier sign-up, or share our aims and approach to data protection.

 

Encryption and two factor  authentication

Where available, all data, be it on laptops or transmitted, is saved using sophisticated encryption. This means data is consistently analysed for unforeseen or bad actors. All data is encrypted both in rest and in transit.

Incident reporting

FYLD has an internal incident register. This register is updated with any breach or potential breach. Our COO works directly with the UK Information Commissioner Office (ICO). Our internal process allows us to gather information on the type of data, who may be affected and the level of severity – this allows us to effectively trigger a 72-hour data breach process, if required.

Secure hosting infrastructure and disclosure

Data is stored within the EU with a provider that is ISO27001, SOC1 and SOC2 Certified.

If you have found a security vulnerability, please let us know straight away at security@fyld.ai. 

Get in touch

Talk to FYLD today

Now that you’ve explored our data protection strategy, we’d love to show you how FYLD can help your organisation run safer, more efficient job sites. Email us using the details below or fill out the form and we’ll reach out to you.

Email: info@fyld.ai