Security Statement

1. Introduction

This Security Statement provides information about the technical and organisational security measures that Marcus Andreen Limited (“Marcus Andreen”, “we”, “our”) maintains in order to protect clients’ data from being accessed or used in an unauthorised way.

If you have any questions about this Security Statement please contact us by email at marcus@marcusandreen.com or write to Marcus Andreen Limited, 3 Shortlands, London W6 8DA.

 

2. Computer access controls and malicious software

2.1       To prevent unauthorised access, computers and mobile devices are protected with user passwords which are changed on a quarterly basis.

2.2       Laptops are encrypted using Microsoft Bit Locker to prevent unauthorised access if a device is lost or stolen.

2.3       Apple mobile devices are encrypted using Apple Device Encryption to safeguard user data and enable remote wipe in the case of device theft or loss.

2.4       Eset End Point Antivirus is installed on computers to protect against viruses, malware, ransomware and other malicious software.  In addition, Office 365 alerts users of malicious attacks.

 

3. Cloud/hosted systems

3.1       Client data is stored with the following hosted service providers:

  • Microsoft Office 365 – Exchange and OneDrive
  • Xero – accounting software
  • DocuSign – electronic signature

3.2       Access to each hosted service provider is subject to user passwords that are changed on a quarterly basis, together with two-factor authentication.

 

4. Additional security measures

4.1       Versioning System – A versioning history system enables data recovery in case of unwanted edits or accidental deletes.

4.2       Mass File Deletion – A notification and recovery system protects against mass file deletion.

4.3       Hard copy documents – All paper documents are scanned and stored as PDFs, and then shredded (DIN Security Level 3).

Request a quote

  • Your email address will be used to send you your quote, and will not be shared with any other person, or used for any other reason whatsoever, ever.
  • Under the SRA Code of Conduct I am obliged to treat all information provided by you in strict confidence, whether or not you decide to go ahead and instruct me.