1. Octree SecuraPro case study
Client: Generic Financial Management plc
Sector: Financial services
Need: To comply with the Financial Services Authority (FSA)
guidelines regarding the protection of confidential
client data held on IT systems.
Reducing the risk of confidential data loss
Regulatory and governance requirements from the FSA are an increasingly
important driver in the need to protect sensitive client data. Companies
are being required to disclose breaches that place Personal Identifiable
Information (PII) at risk, be it from a customer, employee, shareholder,
partner, or other stakeholder prospective.
Generic Financial Management is a FSA compliance The outcome of the audit
firm of chartered financial planners
that has been advising clients on Generic Financial Management plc’s As a result of the audit, it was decided
wealth matters for over 20 years from managing director Paul Thomas to implement SecuraPro to improve
offices in Codicote. explains, “In April 2008, the FSA data security in a number of areas:
issued its Data Security in Financial
Like many companies operating in Services report which highlighted Full disk encryption for GFM’s laptops,
the financial services sector GFM has some well-publicised client data losses which protects against unauthorised
become totally reliant on the use of involving the loss or theft of laptops access to data in the event that one
technology, from office-based servers and memory sticks, and the resultant or more is lost or stolen.
and PCs, to laptops, CDs and USB fines imposed by the regulator.
memory sticks. Web filtering to control employee
“The FSA makes it clear that a access to inappropriate or non-work
The company’s employees have firm’s senior management team is related websites and to protect PCs
access to the internet and email is responsible for making an appropriate from web-based malware.
widely used to communicate with assessment of the financial crime risks
clients and suppliers. associated with its customer data. We Email filtering to protect PCs against
therefore decided that a full security phishing email, spam, email-borne
audit and review of our processes and viruses and malware. It also ensures
systems was required.” that inappropriate or defamatory
material is blocked.
Assessing the risks
Endpoint security on desktops and
Octree undertook an audit of GFM’s server with antivirus, anti-malware
systems and IT infrastructure. Tony and proactive threat protection (IPS).
Richardson, Octree’s managing
director, explains, “We have developed Patch and vulnerability remediation
a sound methodology based around a to keep software up to date.
detailed questionnaire that assesses
the level of compliance with the FSA’s A managed firewall and VPN offering
data security guidelines, and accepted secure remote access for mobile users.
industry best practice.
I am confident that with SecuraPro Octree also provides a wide range of
installed our IT systems satisfy the “This tool can be used by companies managed IT services, including the
FSA’s regulatory requirements in within the financial services sector routine monitoring of critical server
a cost-effective manner that does to assess their level of compliance services, server storage and backups,
not expose our clients to potential and quickly identify fundamental proactive support for the IT systems,
cybercrime or identity theft. weaknesses in their IT security and remote desktop support.
systems and procedures. We will be
Paul Thomas, managing director, making the questionnaire available For further information, visit us on the
Generic Financial Management plc via our website.” web at www.securapro.co.uk.
2. About Octree
Established in 1990, Octree is a specialised IT solutions company with a proven reputation in the
deployment, securing and support of computer networking for small to medium-sized businesses.
Octree offers complete computer network systems, from wired and wireless local area networks,
complete communications solutions and data protection and management, through to proactive
systems maintenance and managed business continuity services.
We offer fully independent advice and we do not drown people in confusing technical language.
All our computer network solutions are developed as ‘best fit’ propositions based on what we hear
from our clients.
We have developed cutting-edge knowledge and skills through vast experience and ongoing
technical training, supported by our partnerships with companies like Microsoft®.
Octree Limited, The Lloyds Building, Birds Hill, Letchworth, Herts SG6 1JE tel: 08456 171819 web: www.octree.co.uk
Securapro is a registered trademark of Octree Limited