Information Security at Assent


Committed to Security of Your Data

Information and Cyber Security are core principles at Assent.

We believe we’ve struck a balance between accessing the benefits of modern technology and work methods, while managing the associated risks to a reasonable level.

 


Trust in Our People

Our people have a passion for security.  We've assigned key roles and responsibilities to ensure that there is segregation, accountability and oversight when ever data is accessed or processed.

Regular training and awareness is provided across our teams and individual consultants to maintain our culture of security excellence.


Secure Transfers & Communication

Our audit report review process ensures that the information recorded within our reports is appropriate and reduced to the minimum necessary.

However, the reputation of our clients and ourselves is important to us, so we now enforce a pre-shared password to secure documents as they are sent between us.

We will also conform to clients’ preferred transfer systems or policies as required.


Device Security

For flexibility and resilience we only use laptops at Assent, which have hard drive encryption and strong passwords.

Endpoint malware protection is deployed across our company devices and is centrally monitored by our Service Desk.

We deploy a robust security policy to devices including enforcing OS Updates and setting automatic screen locks.


Systems & Services

The number of systems we use is limited, however we distribute key operational functionality across different providers to increase our resilience.

We also enforce Multi-Factor Authentication where it is available and utilise a VPN when connecting to sensitive systems remotely.


Workspaces & Offices

Flexible working and collaboration are at our core and as such we utilise co-working spaces in line with our mobile working security policies.

These spaces use either access fobs or cards, have CCTV and attended receptions.

However we are conscious of other tenants in the communal areas and enforce strict Co-Working Security Policies.


Resilience & Continuity

Our IT infrastructure is built to be resilient, meaning any of our people can work anywhere in the world with the same ease and security.

However, our business continuity management programme involves testing and exercising plans to ensure they are fit-for-purpose should unexpected events occur.

 


Personal Data & GDPR

Even though the services we provide involve minimal personal data,  Data Protection matters to us!

Read more: