We were asked to provide a solution to an Insurance Broker in the South West, who sell products directly to customers on behalf of insurance companies. The key drivers for the client was to not have any onsite servers, and to have a ‘per user’ model, where each new user was billed at a fixed monthly rate for all services. The overriding factor was compliance with the data security requirements of the Financial Conduct Authority (FCA). The client often holds the most personal types of data, therefore GDPR compliance was an absolute must.
Cloud Based Remote Desktop
We designed a Remote Desktop based system on our UK hosted private cloud, CONNECT Cloud, to provide a secure platform in which users could connect. Working with the client, and their compliance team, we concluded that this was the best way to meet the FCA requirement – no data is ever stored on the individual devices, and the connection between the private cloud and the office is secured by a site-to-site VPN, meaning that even in the event of a theft of a device, no data would be lost. We can also allow remote users, where necessary, to connect into specific features of the platform [especially useful in the event of a disaster].
Office 365 & Sharepoint
We worked with the FCA to ensure that the storage of customers data on Office 365 & Sharepoint met their compliance requirements, and we migrated the client’s email to Office 365 over a single weekend. We also installed Active Directory Federation Services (ADFS), meaning that users have single sign on to Microsoft’s Cloud Services, in both the web browser and in the Office applications on the platform – this leads to a seamless integration and removes some of the objections (having to sign in twice) of moving to a cloud based platform.
Printing Leasing & Web Filtering
We also worked with a local multi-function device (MFD) specialist, to review existing printing requirements and the most cost-effective way of providing printing for policy documents and information, within the scope of the platform.
We also utilise Symantec Web Security Cloud to ensure, as best as possible, that users cannot access file sharing sites, or personal email. We also implemented Symantec Email Security Cloud, this means that any data leaving the organisation is logged and auditable.