Google and Cobry’s commitment to protecting customer data.
How we ensure information security and follow GDPR.
ISO 27001 is the internationally recognised standard for Information Security which is published by the International Organization for Standardization (ISO). The standard provides the framework for an effective Information Security Management System (ISMS).
It sets out the policies and procedures needed to protect organisations and includes all the risk controls (legal, physical and technical) necessary for robust IT security management. ISO 27001 is designed to cover much more than just IT. An important part of the Standard concerns data security across all areas of a business; whether it is online or offline.
The benefits for achieving ISO27001 are:
- An Information Security Management system demonstrates compliance with internationally recognised standards of information security, helping to fulfil your legal obligations and comply with regulations.
- It keeps confidential information secure by putting in place robust security policies and access management, allowing for the secure exchange of information.
- Risk management: The Standard manages and minimises risk exposure, providing customers and stakeholders with confidence in how we manage risk.
You can verify our accreditation via this link, and using our certification number – 354492021
Cobry’s GDPR compliance
At Cobry we are committed to complying fully with GDPR and our customers can be assured that we take great care in protecting their data and keeping our own systems secure. We have been working hard to update policies to ensure compliance.
Any data that users enter into G Suite will only be processed in accordance with the user’s instructions, as described in Google’s GDPR-updated data processing agreements You should have received an email from Google regarding this update. If not, click below to find out how to sign the new agreement and ensure compliance.
Google’s GDPR Compliance
Google has created a website with all of their GDPR related content, compliance, and FAQs collated in one handy location. This website details everything you need to know when it comes to G Suite and what you can do to becobe GDPR compliant as a personal data controller.
Please remember that as part of your GDPR compliance with Google you should accept the new Data Processing Amendment.
Increase your Google security
Data controllers (Google Workspace users) are responsible for implementing appropriate technical and organisational measures to ensure and demonstrate that any data processing is performed in compliance with the GDPR. Controllers’ obligations relate to principles such as lawfulness, fairness and transparency, purpose limitation, data minimisation, and accuracy, as well as fulfilling data subjects’ rights with respect to their data. This means that your company must not wait until a data breach occurs, but be prepared and use all appropriate tools and processes in order to comply with the new GDPR requirements and deal with breaches in advance.
At cobry, we can help you secure your business, and reduce the possibility of any sort of breach happening on your systems.
There are a few things you can do to mitigate the risk of any sort of security vulnerability.
Google Workspace has security features and controls that allow you to better control the data within your Workspace environment, such as:
- E-discovery – the process of searching and retrieving information in electronic format. It is useful for legal matters and prevents data loss from employee turnover.
- Google Vault – Use Vault to track user activity. Robust audit trails let you see searches, message views, exports and more.
- Smart Search – Search across your company’s content in G Suite, from Gmail and Drive to Docs, Sheets, Slides, Calendar, and more. This allows for easily locating sensitive files or emails on your network.