Persona Security

Security is both important and complex. That’s why we sweat the details.

Persona is Security Conscious

Trust is critical for our clients, particularly those in the financial services sector. Personas’ ISO27001 certification fosters trust and demonstrates an ongoing commitment to safeguarding data.

Paul A Keegan

Security is part of us, and part of you.

We manage information security based on the ISO27001 framework so you have confidence to know that you
are doing your best to safeguard your customer data engaging Persona as your third party supplier.

Certifications

Third-party assurance that Persona has implemented security best practices on your behalf.

ISO 27001
ISO 27001

ISO 27001 is a globally recognised Information Security Management Standard which relates to all information held by a company including employee, client and financial data. Persona have achieved and maintained this standard since February 2006.

ISO 9001
ISO 9001

The worldwide quality management standard, ISO 9001 was created to help companies meet the needs of their customers while also meeting statutory and regulatory requirements. This is our newest accreditation which has followed on from ISO27001. Persona has just achieved this standard since January 2017.

PCI DSS
PCI DSS

The PCI DSS (Payment Card Industry Data Security Standard) since 2013 provides a framework for enhanced payment card data security. Persona has achieved PCI Compliance Level 1, the highest level of compliance, which authorises us to process over 6 million visa transactions annually. We have achieved and maintained this standard since xxxx.

Data Processor
Data Processor

Aluset Ltd trading as Persona is registered with the Data Protection Commissioner as a Data Processor to ensure all data is processed in accordance with all Data Protection Regulations.

C&CCC (APACS) Approved
C&CCC (APACS) Approved

All cheques for use in the clearing process must be produced by C&CCC-accredited printers. This means there is much greater quality control in the paper, ink and the security features used in cheque production. This has helped reduce some types of cheque fraud, namely ‘fraudulent alteration’ and ‘counterfeit’. Persona have achieved and maintained this standard since February 2006

ISO 27001 Benefits

Why it pays to use an ISO 27001 supplier

Accredited certification to ISO/IEC 27001 demonstrates to our customers that we as an organisation
have defined and put in place best-practice information security processes.

1

As our valued Customer we want to safeguard your data and intellectual property

Information is the lifeblood of any business – this is especially true if your clients have entrusted their valuable data to you. Implementing and maintaining an information security management system (ISMS) certified to the internationally recognised data security standard, ISO 27001, is the most effective way of reducing the risk of suffering a data breach.

An ISMS is a systematic approach to managing the security of sensitive information and is designed to identify, manage and reduce the range of threats to which your information is regularly subjected.

2

Win new business and retain your existing customer base

ISO 27001 certification:
Proves we are taking cyber security threats seriously. Our prospective customers are naturally concerned about the security of their data. Compliance with ISO 27001 is proof that we are following international best practice to mitigate threats.

Demonstrates credibility when tendering for contracts. Conformity to the Standard can make the difference between winning and losing tenders.

Gives us a proven marketing edge against our competitors, and puts us alongside the likes of Google, Cisco, and Microsoft.

Helps us to expand into global markets. An ISO 27001 certificate is often a supply chain requirement, while in Japan and India it is a legal requirement.

Helps us to demonstrate good security practices, thereby improving working relationships and retaining existing clients.

Removes the need to complete detailed security questionnaires and respond to auditors for each new client.

3

Avoid the financial penalties and losses associated with data breaches

Data breaches are not only damaging to business, but excessively costly. The average cost of a data breach is estimated at USD $3.79 million according to IBM. To date, the ICO has issued penalties to organisations amounting to more than £5.5 million because of poor information security practices

ISO 27001 is the accepted global benchmark for the effective management of information assets, enabling organisations to avoid costly penalties and financial losses.

4

Protect and enhance your reputation

When it comes to security breaches, loss of customer confidence can have far more serious consequences for an organisation than the fines levied by the Information Commissioner’s Office (ICO) or the Payment Card Industry (PCI).

Cyber attacks are increasing in volume and strength daily, and the financial and reputational damage caused by an ineffectual information security posture can be fatal. According to the US National Cyber Alliance, 60% of small businesses that fall victim to cyber crime go out of business within six months.

5

Build trust internally and externally

ISO 27001 improves our company culture. The Standard’s holistic approach covers the whole organisation, not just IT, and encompasses people, processes and technology. This enables employees to readily understand risks and embrace security controls as part of their everyday working practices.

ISO 27001 improves structure and focus. When a business grows rapidly, like ours, it doesn’t take long before there is confusion about who is responsible for which information assets. The Standard helps businesses like ours become more productive by clearly setting out information risk responsibilities.

6

Comply with business, legal, contractual and regulatory requirements

ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS). The Standard is designed to ensure the selection of adequate and proportionate security controls that help to protect information assets.

According to the US National Cyber Alliance, 60% of small businesses that fall victim to cyber crime go out of business within six months.

7

Satisfy audit requirements

By providing a globally accepted indication of security effectiveness, ISO 27001 certification negates the need for repeated customer audits, reducing the number of external customer audit days.

Our ISO 27001 accreditation makes our clients feel safe in the knowledge that that they have outsourced to an organisation that have been working to the highest industry standard for over 10 years now.

Data security is what we do…