Prioritising protection of your data.
Our approach is two-fold. At FYLD, we keep both employees and end users safe and secure.
Visit our Trust CentreTop tier certification
FYLD obtained ISO 27001 in 2021, and has recently added Cyber Essentials to our Security Certification stack. Since our conception, we have collaborated with external consultancies to implement best practices for data protection.
01
Awareness and training
When an employee starts their journey with us, data protection training is taught in week one. We prioritise data protection training because our belief is that humans play the biggest role in protecting data and information, both keeping them private and secure. FYLD partners with Trainual to supply and audit training.
Our lunch and learn sessions are often used for practical tips. A recent agenda included:
- Three ways to send data securely
- Three new ways to keep your laptop secure
Each FYLD employee is accountable to learn and implement measures they put into place and is expected to keep a healthy list of data protection actions. This is tracked monthly by our Chief Operating Officer (COO).
02
Access control
FYLD operates with a “need to know only” system, whereby access to Personally Identifiable Information (PII) and confidential information is available to access by named employees only. FYLD has audit trails where appropriate for access management.
For our product, FYLD end users can gain access using strong credentials or 3rd party integrations such as OKTA. End users that are not active will be removed for further protection.
03
Asset management
Our laptops are high-grade machines which come with a custom-built package comprising a variety of automated elements. This ranges from automated, high-security passwords to screen privacy filters. Our hardware can be wiped and managed remotely by our IT team.
04
Using AI for data protection
FYLD has recently upgraded our communication systems. These systems now include AI which will detect cyber threats and trigger automatic training if any employee clicks on unexpected links or attachments. This activity is conducted in partnership with Iron Scales and reduces FYLD risk to phishing, malware and viruses.
05
3rd party and FYLD suppliers
FYLD has logged every 3rd party we work with, signed up to additional clauses and will only allow 3rd parties to work with us if they pass our supplier sign-up via Functio. FYLD will not work with 3rd parties that do not pass supplier sign-up, or share our aims and approach to data protection.
06
Encryption and two factor authentication
Where available, all data, be it on laptops or transmitted, is saved using sophisticated encryption. This means data is consistently analysed for unforeseen or bad actors. All data is encrypted both in rest and in transit.
07
Incident reporting
FYLD has an internal incident register. This register is updated with any breach or potential breach. Our COO works directly with the UK Information Commissioner Office (ICO). Our internal process allows us to gather information on the type of data, who may be affected and the level of severity – this allows us to effectively trigger a 72-hour data breach process, if required.
08
Secure hosting infrastructure and disclosure
Data is stored within the EU with a provider that is ISO27001, SOC1 and SOC2 Certified. If you have found a security vulnerability, please let us know straight away at security@fyld.ai.
Expert insights from our team to yours
All InsightsBlog | November 19 2024
Accelerating distributed generation projects with FYLD
News | November 8 2024
FYLD welcomes Marcio Rodrigues as Vice President – EMEA
News | October 30 2024