How does a security organisation approach security?

How does a security organisation approach security?

Trust is the foundation of our brand. Daltrey is quite literally a business built on trust. So security, regulatory compliance and privacy are our core functions and protecting our users’ data is at the heart of every decision we make.

One of the first things we consider is our policies and framework. This includes both our internal practices, culture and policies, as well as our customer-facing solution. So we work to ensure we go above and beyond what’s required to comply with all the relevant industry security frameworks.

Cryptography is a key security aspect of Daltrey’s biometric solution. All connectivity is to be encrypted, including within the AWS cloud. Data in transit and at rest will be protected by encryption. The Physical and Environment security of the solution are a joint responsibility and will involve adequate security controls being implemented at AWS and customer data centres, and at the server, storage, and network level.

While we can be confident our own house is in order, we also work with various suppliers. This means vendor choice and vendor partnerships are a key part of our security framework. Each vendor plays a role in the overall security and resiliency of the solution, so we ensure they hold themselves to the same high standards that we do. This includes having a strong identity access management foundation, traceability, security at all layers, security best practices, protecting data in transit and at rest, preparing for security events, and security risk management.

We champion the zero trust model. This means transparency is key, and we fully encourage and expect our customers to verify and validate our security measures.

To learn more about Daltrey’s security framework, click here.