Data Security: Our Obligation—How VE Keep your Sensitive Information Safe

Myspace: from Rise to Rest in Peace

Year 2003. Chris De Wolfe and Tom Anderson co-founded Myspace, the American social networking site that became one of the biggest networking sites in the world, even surpassing Google in the number of daily visitors. Up until 2008, Myspace was at its peak, where users logged in each day to connect with friends, post photos, and play music. Acting as a platform to discover new artists online, Myspace became the stepping stone to success for artists like Avicii, Adele, Sean Kingston, Owl City, and Lily Allen among numerous others.

Year 2019. Myspace returned to headlines, but unfortunately, for all the wrong reasons. In March, Myspace announced that the site had lost close to 50 million songs from 14 million artists, along with numerous photos and videos, all of which were uploaded by users prior to 2015. The site went on to disclose that retrieving millions of files was nearly impossible and that the loss was irreversible.

Lessons learnt from Myspace?

The Myspace era got users comfortable with the concept of cloud computing. The vast majority of users were unaware that the cloud has the capacity to delete data in its entirety should a technical glitch occur at any given point in time. Myspace taught a valuable lesson in 2019: if appropriate backups are not in place, the internet can someday lose all your data.

Solution?

Cloud computing is one of the key technologies that accelerated outsourcing and offshore projects. As Myspace is witness to, although it brings forth numerous benefits, it also involves certain risks. When you base a company entirely on internet-based technology, you make it easy prey for hackers. Which is why you need to trust a company that has strong software interfaces and secure encrypted servers.

At Virtual Employee, we understand that digital data is your most valuable asset. Thus, before you sign a contract with us, you can carefully study and examine all our security capabilities. Adhering to stringent IT protocols, security, and legal provisions, we are an ISO 27001:2013 certified company with an established ISMS (Information Security Management System) framework.

Now, dealing with the second part of the problem, backups. Despite Myspace’s error, it is not the concept of backup that is unnerving, but where the backup is going to be stored. When you work with your virtual employee, his or her system is directly connected with yours, thus ensuring that your organization remains the sole owner of your intellectual property.

We also disable access to external storage devices, USB ports, printers, and unauthorized data transfer channels to ensure that no duplication of data takes place. Appropriate software monitors your employee’s activities on external emails and interactions with the outside world, while our NDA (Non-Disclosure Agreement) imposes severe penalties for any form of client data breach.

Data Breach: Mayhem of the 21st Century

While Myspace ended up losing a massive amount of user data, companies like Yahoo experienced data breaches in 2014 that compromised the private information of over 500 million users and cost the company millions of dollars. Be it Yahoo, Facebook, or Twitter, each of these companies has, at some point in time, experienced some of the biggest data breaches of the 21st century. Compromising the sensitive information of billions of users, these companies have also incurred immense losses in the process.

Source: Statista

1. Yahoo (2013 – 14): 3 billion user accounts affected
2. Marriott International (2014–18): 500 million customer records exposed
3. eBay (2014): 145 million users affected
4. Equifax (2017): 143 million customer records compromised, including 209,000 credit card details
5. Target Stores (2013): Credit and debit card details of 110 million customers exposed
6. Uber (2016): 57 million users affected

Cybercrimes have become one of the biggest threats to online businesses. Although several companies blame internal servers or system errors for particular breaches, statistics reveal that over 50% of security breaches in 2018 occurred due to malicious outsiders.

Source: Statista

So, when it comes to information processed abroad, how much do you really trust your offshore partner? One of the biggest mistakes companies make is failing to thoroughly check the authenticity of an offshore agency. Many also fail to properly review contracts before signing them. Before getting started, ensure that your offshore partner performs adequate criminal background checks on hired virtual employees. This helps ensure that the resource employed by you has no prior negligent behavior whatsoever.

For the remaining steps, here’s a quick checklist:

Nailing Overseas Security

When it comes to data security, it all comes down to the manner in which communication is managed within your offshore company. As stated earlier, your resource’s system is directly connected to the servers in your office, thus minimizing the risk of data breaches from your virtual employee’s end. Additionally, we also set up online collaboration tools that enable you to view your employee’s screen at any given time and assign virtual desktops to your resource for additional safety.

Since Virtual Employee is an ISO 27001:2013 certified company, we follow an established Information Security Management System (ISMS) framework with mandatory protocols for handling sensitive client data. While the goal of ISMS is to minimize risk and ensure business continuity by proactively limiting the impact of security breaches, VE’s goal is to ensure that your valuable data and information remain secure at all times.

Visit our Facility

Data security is more than just words. This is why we urge clients to visit our offices in India, so they can conduct appropriate security audits, review our IT security procedures, read contracts and non-disclosure agreements, and finally make an informed decision based on what they experience. We are located in Noida, including our office at the Special Economic Zone (NSEZ), which is governed and regulated by the Ministry of Commerce and Industry, Government of India.

To put your worries regarding offshoring at ease, here’s an important fact: In order for any organization to operate within the Special Economic Zone, it must qualify and fulfill specific prerequisites set by the Government of India. Space is granted only after these requirements are fulfilled. Thus, only legitimate and compliant companies are permitted to operate from the NSEZ.

Certifications and Authenticity

Virtual Employee is a CMMI SVC Level 3, ISO 9001:2015, and ISO/IEC 27001:2013 certified company, and has been in operation since the year 2007. In these 18+ years of successful business, we have consistently maintained stringent security standards and operational excellence across the organization.

Firewalls, Anti-Spyware, and Additional Security Measures

The importance of firewalls and anti-spyware measures has been stressed time and again when it comes to internet security. Apart from implementing stringent firewall, antivirus, and anti-spyware systems, we also ensure that all our systems are securely isolated from one another on the network. Thus, any form of access requires prior admin authorization and remains directly under the control of our IT department.

Domain authentication using LDAP is also managed by our IT staff. Additionally, prior written permission from Project Leads is required if an employee needs access to external drives or data transfer devices.

Finally, to put your worries to rest, here’s a quick look at the clients who vouch for Virtual Employee:

Here’s a look at how our data security measures help safeguard your valuable business data.

Watch Video: Offshore Outsourcing

Huge thanks to Akram Khan of Human Resources for providing technical inputs.