"Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security." - Kaspersky
While most of us are aware of viruses that can attack our computers, the threats your technology systems and devices face go far beyond this. You may realise when you are on the internet that you are authenticating yourself with security checks like recaptchas and accepting cookies, but do you know what they do?
There is an ever-present threat of data loss, leakage, corruption, manipulation, and theft. With more businesses being online and more knowledge workers, data is increasingly at the core of day-to-day business operations, and companies are generating staggering volumes of it. This has given rise to information governance technology since much of this data is highly sensitive, and may contain personally-identifiable information about customers and employees.
Cybercriminals know this too, and this is why they are using automation to create and iterate new cyberthreats constantly. They’re even using personal information from corporate websites and social media networks, using phishing scams and new ways to infiltrate your life every day. So it's clear that protecting business-critical data is a mammoth task, but also critically important.
More than any other time in history, people are working from home. If not handled correctly, this poses a risk to businesses. Some security measures that are in place at your workplace, may not be in place on your home network. Some of these may include web filtering, firewalls and data encryption. If working from home is part of your company's current and future plans, your IT team will have to update your company’s policies if they haven't done so already. Some restrictions may apply, and they would have some tips on how to securely work remotely. Here are some as provided by CERT NZ:
Working from home presents every company with a challenge. Each new technology that is implemented needs to be carefully considered. The interaction between these apps and software platforms, the way employees will be using them and house rules need to be evaluated. Then the rollout of these technologies can begin. The reality is that some companies didn't think about these security considerations beforehand, and now are scrambling to get a plan in place.
PIQNIC developed from years of experience in information governance, which has resulted in an intelligent platform that has a focus on document security, amongst others. Protecting your data and information is really important to us. That is why PIQNIC has multiple levels of strong security and data protection. With our robust platform security, admins totally control what levels they apply to data and users. Plus PIQNIC helps you transition from your current document management system to our platform. Here is what PIQNIC offers you:
PIQNIC is protected by multiple levels of network security controlling access to the platform. Document and database storage is fully separated from the platform’s presentation tier which prevents direct access to the PIQNIC repository. Access to the service is audited by our security infrastructure team on a regular basis and basic auditing of activity is provided within the platform. Advanced auditing functionality for administrators is planned in future releases.
PIQNIC provides year-around 99.99% availability, and durability of 99.999999999% of data by taking advantage of duplicated storage technology. PIQNIC takes extra measures to protect data against loss by replicating the encrypted content to other data centres that are completely separate in all critical aspects: telecommunication links, power supply, physical location, etc. PIQNIC storage is designed to sustain concurrent loss of data in two facilities.
All data uploaded to and from PIQNIC as well as all the communication between PIQNIC servers and users is encrypted. This provides secured access from unsecured wireless connections or other public internet access points.
PIQNIC is hosted in the AWS cloud and leverages compliance certifications that apply to the infrastructure used. See a list of compliances here: https://aws.amazon.com/complia... AWS is used for data storage to ensure compliance of personal data protection directives. - Independent validation to the SOC2 and ISEA 3000 Type II standards - SSL encryption (256-bit) prevents interception of data while in transit - Content encrypted at rest to protect from unauthorized access on the server.
PIQNIC is segmented into domains to allow for a logical separation of documents and other artefacts between customer organizations. All users must authenticate themselves using a strong password and some types of users are required to go through 2 step authentication. Once they are authenticated, they are authorized to access a specific organizational domain which gives them access to document management and collaboration tools available to that organization. The level of access is determined through their group membership so their activity is always confined to the appropriate part of the PIQNIC platform.
Information in PIQNIC is secured using granular permissions and role-based security to ensure authenticated users only access the data they’re authorized to. Powerful and flexible security should not require complexity and specialist knowledge to administer it. That's why PIQNIC security model is smart and has been designed to be simple and intuitive both to implement and manage. At its core, it is built around the ability to control and restrict the scope of document searches executed by users. This model allows the implementation of complex security requirements while reducing administrative overheads required for the maintenance of a finely tuned security model for organizations of different sizes and requirements.
PIQNIC's multi-layered security settings make it easy to customize the platform to exactly match how you work with teams, internally or externally. Our security model clearly differentiates between users who belong to your organization and those who don’t. At the top level, administrators control content access for internal users, who in turn initiate collaboration tasks and decide what is shared (from the information they have access to) and who is invited. External users that may be invited to a collaboration session, therefore, have access to the content moderated by both administrators and internal task owners.
Through a smart built-in events framework, PIQNIC listens and registers various types of events such as user activity, document lifecycle events and collaborative tasks, and uses this information to populate audit logs of collaboration tasks and documents making full audit trails of all managed information instantly available. At a user request, some of these events can be relayed to users through instant notifications. Users and administrators are in full control of all important aspects of notification settings - events monitored, notification frequency, notification channel, etc.