In today's digital landscape, where cyber threats loom large and data breaches dominate headlines (think Optus and Medibank), effective cyber security compliance is no longer optional – it's essential.
For technology companies like Felix, entrusted with safeguarding the sensitive data our customers share, this responsibility is paramount. That's why we've built a robust cyber security compliance program, and in this blog post, I'll delve into how it safeguards customer data.
At Felix, our Cyber Security Compliance program has developed a set of policies, procedures, and controls across all aspects of the business to protect against cyber threats.
Our policies, procedures, and controls are specifically designed to conform to ISO 27001, SOC 2, and the EU's GDPR to provide peace of mind for our customers across the world. The combination of these frameworks formed the core of Felix's Cyber Security "prime directives" to ensure our platform's confidentiality, integrity and availability in managing our cyber security risks.
An effective cyber security compliance program can provide several benefits to our customers:
The cyber security threat landscape is constantly evolving and becoming more sophisticated. According to the Australian Signals Directorate (ASD), both state and non-state actors continue to show the intent and capability to compromise networks (ASD 2023).
The numbers paint a stark picture:
The professional, scientific and technical services sector reported the highest ransomware-related cyber security incidents.
Additionally, the ASD reported that over 92.6% of the cybercrime incidents were from small businesses with annual turnovers below $2 million. These small businesses commonly form a portion of our customers' supply chain and interact on the Felix platform as vendors.
Cybercrime types. Source: cyber.gov.au
Felix has implemented a wide range of security measures to keep customer data safe, including:
We have also recently fortified our defences, collaborating with leading security partners to strengthen our Security Information and Event Management (SIEM) capabilities. This advanced system identifies and addresses potential threats before they disrupt business operations.
Furthermore, recognising the increased vulnerability of small businesses in our customers' supply chains, Felix has been hard at work to bolster several security features offered to our vendor users.
Since October, we've proactively equipped select vendor users with an extra layer of defence against account takeover attempts. With Okta's multi-factor authentication and dynamic geo-location blocking in place, vendors are significantly less vulnerable if compromised by email phishing attacks.
We will be rolling these enhancements out progressively to all vendor users in the coming months, and we strongly encourage everyone to enable these features as soon as they become available, maximising their protection and contributing to a stronger overall security ecosystem.
At Felix, we see cyber security compliance as more than just a box to tick; it's the cornerstone of our commitment to protecting customer data.
Our processes, procedures, and controls, validated and audited against ISO 27001, SOC 2, and GDPR standards, demonstrate this dedication. We take data security seriously, no matter where our customer or their supply chain operate.
Felix's vigilance never sleeps. We keep a pulse on the evolving cyber landscape, staying ahead of the latest threats and trends. This commitment, not just to meet industry standards but to surpass them, is what truly builds trust.
As we review 2024, it's clear that the year brought significant developments for Felix and the industry. Through strategic initiatives, technological improvements, and a focus on key challenges, we've made meaningful progress in several critical areas.
In August 2023, Felix achieved SOC 2 Type 1 certification and GDPR compliance, an exciting moment for us as we continue to hold ourselves to the highest standards for data security.
Previously, we've stepped through a typical technology implementation process and then the methodologies that you can apply: Agile versus waterfall, build versus buy.
In this post, let’s dive into where bottlenecks normally occur in the delivery of an implementation or a project or what steps the project tends to get stuck at.
Get the monthly dose of supply chain, procurement and technology insights with the Felix newsletter.