Digitization brings many benefits to society. It accelerates processes, reduces costs and boosts business agility. However, there is also a downside. Organizations increasingly have to deal with cyber-attacks. The Dutch Data Protection Authority reported over 27,000 reported data breaches for 2019, an increase of 29 percent, compared to 2018. The successful ransomware attacks on Maastricht University and the Wetsus research center are still fresh in everyone’s memory. In both cases the institutions saw no other option than to pay the ransom the hackers demanded.
Safe and reliable
These – and many other – examples of successful attacks underline the importance of a solid approach to information security. This certainly applies to us at Onetrail, because we process large amounts of data for customers via our cloud platform on daily basis. This must be done securely and with integrity , because every breach of customer data can not only cause major financial damage, but also lead to reputation damage. Hence, information security is not a separate activity at Onetrail, but an integral part of our organization. In everything we do we have a keen eye for information security, which goes far beyond the ISO27001 certification. Security is the guiding principle in everything Onetrail does.
In everything we do we have a keen eye for information security, which goes far beyond the ISO27001 certification.
Importance of quality
Sandra de Vries, team lead Delivery, points at the quality aspect with regard to security. “With every change or new release, we use a number of strict procedures, including the four-eye principle. All procedures and tests are always checked by two colleagues. In addition, we always include the security aspect as a standard and we work hard to automate this type of process as much as possible. This ensures that we can work more efficiently and not skip steps.”
According to Sandra, Onetrail has the advantage that it operates a completely closed network for customers. “You can only access our platform if we recognize you as a customer. This recognition goes further than just a user ID and password. This means that non-customers are absolutely refused by the network. In addition, the use of security protocols ensures that there is always a secure file transfer between our systems and those of our customers.”
Technical measures
In 2019, Onetrail moved its network to a new data center. While preparing this migration and in the period after that, the TechOps department worked in different ways on building a solid and secure foundation for the Onetrail platform. Jurgen Goedbloed, Linux Systems Engineer at this department, cites as one example the deployment of largely centralized user account management. “That means that we manage all user accounts in one place. This not only provides more insight and overview, but also makes it easy to define roles for groups with regard to access. Security was also an important issue in another context when building our new data center. We consciously created different ‘islands’ there , so that not everyone can easily hop from one system to the other. You have to authenticate yourself each time. These are just a few examples of how we ensure that all customer data that go through our network is secure. ”
Prevention is better than cure
According to security specialists, it is not a question whether an organization will ever be attacked, but when. Sooner or later, every organization will fall victim to a hack. That is why it is important for every organization to effectively secure its data. But there is also the ecosystem of partners that every company has to deal with. That group must also work continuously on measures to protect its customers against attacks and data loss. And that is exactly the reason why we at Onetrail put security first on the agenda.
For more information about information security at Onetrail, contact Onetrail Support. We are happy to help you.