8 Sep 2020
Tractable: keeping data secure
By Chris Seary, Senior Security Engineer, Tractable
At Tractable, we place an extremely high value on data security.
How high? Well, it’s not a tick-box exercise, enforced on new joiners and then forgotten: it’s embedded into our culture.
We have a dedicated InfoSec function that regularly updates the team on technical and procedural developments, and each Tractabler receives ongoing training, keeping them up to speed with best practice, including regular get-togethers.
Why? Because data is central to everything we do, as we work with the world’s largest insurance companies, helping them accelerate claims for drivers across the world. Insurers have to have complete faith that their customers’ data is secure – which means they must be doubly sure that partners such as Tractable are fully compliant with their requirements.
That’s why in August 2020, Tractable successfully sought and achieved re-certification for ISO 27001, the international standard defining how to manage information security. The detailed external audit found Tractable fully conformed with the standard – with no major or minor non-conformances.
Here’s our top best practice data security tips:
- Make information security an integral part of the organisation’s culture, starting conversations with every part of the business
- Engage InfoSec from the initial design of any system or process
- Policies, procedures and How To guides should all be living documents – make them available via a wiki, and highlight them during the relevant communication channels
- Security training has to be a continuous journey for everybody at Tractable, both online and via presentations