Access to computer systems, and member and scheme records and data, is restricted to authorised persons. All electronic data at B&CE’s Crawley Office is held on servers in a secure, locked room. B&CE’s administrators using its in-house system are allocated user names and a password which are required to access servers and network devices. These passwords expire frequently and users are prompted to change them. The system requires best practice from users in relation to setting passwords.
B&CE has an Intrusion Prevention System deployed to counter the threat of unauthorised access from the internet. This is a component of B&CE’s firewall protecting its internal systems, in-house hosted website and mail server. B&CE regularly updates its website and mail server with the latest security patches. B&CE has also engaged a leading IT security specialist firm to carry out regular IT security testing.
Reusable apparatus such as memory disks have data erased in house. Non-recyclable components are transported securely to a site where they are destroyed.