Validus security practices are designed to ensure that:

  • Information is protected against unauthorised access and unauthorised disclosure.
  • Integrity of information shall be maintained.
  • Business requirements for the availability of information and systems will be met.
  • Regulatory, legal and contractual obligations will be met.
  • Business continuity plans will be produced, maintained and tested.
  • All breaches of information security, actual or suspected, shall be reported and investigated.
  • Information risks will be identified, documented and managed and any controls implemented will be proportionate to the risk.

Security measures are extensive and include:

  • Physical access controls to premises and physical resources
  • User authentication and role-based access to data and functionality
  • Sophisticated network protection
  • E-mail encryption and monitoring
  • Internet monitoring and access control
  • Data is securely encrypted in transit and at rest
  • Malicious software control
  • Software compliance
  • Change control
  • Information backups
  • Business continuity planning & testing
  • Data destruction and retention policies
  • Incident reporting
  • Information security audits and third party penetration testing