Data Security in The Cloud – What This Means for Pacific Transcription Clients
Data security in the cloud is a key factor clients consider before engaging a transcription company to transcribe their confidential and highly sensitive recordings.
Recently Pacific Transcription moved their entire information technology ecosystem to the cloud. The decision to move to cloud-based data storage was made after considerable deliberation, observation of the developing data security in the cloud environment, the encroaching obsolescence of physical hardware, including servers, and careful assessment of risk – both to clients, contractors, suppliers, and Pacific Transcription itself.
I’m happy to report that the move to the cloud was successful. But what does this significant change mean for clients?
Clients can rest assured that Pacific Transcription’s cloud-based data storage is safe and secure. Pacific Transcription now utilises Australian-based instances of the Microsoft Azure cloud network. Many features of this cloud-based network enhance the security of data, and therefore the security and confidentiality of client information.
Enticing Features of Pacific’s Data Security in the Cloud Include:
- A primary protection layer, which includes deployment of a high-specification Fortigate Firewall appliance, fully optimised with IPS/IDS,
- A secondary layer of protection with the existence of a demilitarised zone (DMZ) which separates all file servers from public access points via deployment of a reverse proxy server,
- Utilisation of Microsoft Entra ID cloud-based identity and access management solution, as well as protection by Microsoft Defender for Business, and
- Configuration of the environment to include encryption of all files at rest, with a high-level AE256 encryption algorithm.
Cloud-based Data Storage Additional Features:
Additional to these features are cloud-to-cloud, real-time backups which mean that Pacific Transcription has disaster protection and recovery plans for its operating environment that has World-class metrics for Recovery Point Objective (RPO – or time interval during which data is potentially exposed to loss), and Recovery Time Objective (RTO – or how quickly full operational systems can be restored).
Client Access Remains Auditable, Password-Protected, & Encrypted
Access to the client portal remains auditable via IP number, and all client accounts are password-protected – clients set their passwords, which are stored in a secure encrypted format.
Independent Penetration Testing Is Conducted Regularly
Pacific Transcription regularly commissions independent penetration testing of its systems with credentialled client account access. The last independent penetration test, conducted in October 2023, identified a few non-minor issues, all of which have since been completely remediated. The remaining minor issues are being progressively dealt with, as part of an ongoing code upgrade process.
ISO 27001 Information Security Management Systems Certified
Pacific Transcription continues to hold ISO 27001 Information Security Management Systems certification, a leading international standard focused on information security. This standard was developed to help organisations of any size in any industry, to keep their information and the information of clients, safe and secure.
The Information Security Management System (ISMS) standard is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organisation’s information risk management processes.
Contact Us
Further information on Pacific Transcription’s data security in the cloud, cloud-based data storage, and the security measures Pacific Transcription takes can be found on our website and in the Terms and Conditions and Privacy policies on our website’s brochures page. Or contact our Enquiries Team for more information – phone 1300 662 173 or email enquiries@pacifictranscription.com.au.
