Call Us 020 8988 0627


Blog

Data security at Fair Finance

We take protecting our clients’ data seriously. There are a number of steps that we use to ensure that everything that you share with us is secure and is held in the strictest of confidence. Some of the measures that we have in place are:

    1) We’re Cyber Essentials Certified
    2) Our website uses SSL Certificates to encrypt information you share with us
    3) Our application form is powered and hosted by Microsoft, with a large array of security measures in place
    4) We’re registered with the Information Commissioner’s Office and have a detailed privacy policy available here.
    5) All of our staff undergo data protection training each year

If you’re worried about your own cyber security, we recommend that you visit get safe online for lots of useful tips and advice.


Here’s a bit more about the technical measures we have in place to protect your data:

Cyber Essentials

Cyber Essentials Badge (High Res)

To ensure that we maintain internal security we have attained a Cyber Essentials certificate.

Cyber Essentials is a simple but effective Government backed scheme that aims to protect organisations, whatever their size, against a whole range of the most common cyber attacks. Certification gives you peace of mind that our defences will protect your data against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.

For more information on Cyber Essentials visit https://www.cyberessentials.ncsc.gov.uk/


Website Security

We have officially registered SSL Certificates attached to all pages on our website and application form.

What is a Security Certificate?

When you go to a site that uses HTTPS (connection security), the website uses a certificate to prove the website's identity to browsers. To help you stay on safe on the web, browsers require websites to use certificates from trusted organizations.

What is HTTPS?

The main function of HTTPS is the authentication of an accessed website and the privacy of exchanged data. The encryption of communications between a user and a website protects against eavesdropping and tampering of the communications. In practice, this provides a reasonable confidence that one is communicating without interference by attackers with the website that one intended to communicate with, as opposed to an impostor.

How can you check for a security certificate?

You can check whether a website has a valid security certificate by looking for the padlock as shown in the below image.

ssl1

As well as the padlock you may see some other icons. These symbols let you know how safe it is to visit and use a site. They tell you if a site has a security certificate, if the browser trusts that certificate, and if the browser has a private connection with a site.

What each icon means:

padlock Secure: Information you send or receive through the site is private.

not secure i The site isn't using a private connection. Someone might be able to see or change the information you send or receive through this site.

On some sites, you can visit a more secure version of the page:

    1. Select the address bar.
    2. Delete http://, and enter https:// instead

not secure ! / dangerous It is recommended that you don't enter any private or personal information on this page. If possible, don't use the site. Something is severely wrong with the privacy of this site’s connection. If you see a full-page red warning screen, the site has been flagged as unsafe


Microsoft hosted application form

We use a system called Microsoft Dynamics 365 to process applications and review cases. The following are some of the steps that Microsoft takes to ensure that data is held securely:

    • Dynamics 365 uses encryption to protect your data. Connections established between Fair Finance and Microsoft datacenters are encrypted, and public endpoints are secured using industry-standard Security.
    • Microsoft provide each organization using Dynamics 365 with its own logically isolated data repository to maximize the security and integrity of your data.
    • Dynamics 365 leverages the Microsoft Cyber Defense Operations Center (CDOC), which brings together security response experts from across the company to help protect, detect and respond 24x7 to security threats against our infrastructure and services in real-time.
    • For more information on Dynamics 365 security visit https://www.microsoft.com/en-us/trustcenter/security/dynamics365-security
← Back to our blog