Data security, often referred to as information security (IS), refers to measures taken to prevent unauthorized access to computers, databases and websites. Here are a few things to consider, to strengthen your data security practices.
1. Limit Data Access
Limiting data access based on those who actually need it can help minimize security risks. In addition to things like assigning access based on categories, you can implement infrastructure like a multi-tenant interface to assign roles according to the principle of least privilege.
We use role based access to ensure client data is only accessed by authorized employees who have a legitimate reason to access the information. For example, data trainers can only perform work, while supervisors can perform work, as well as sampling and QA tasks.
2. Document Your Data Security Policy
A data security policy outlines your organization’s commitment to protect the information you handle, as well as the security measures taken to protect said data.
If your business operates in or serves residents of the European Union (EU) and European Economic Area (EEA), include details of your data protection responsibilities according to the General Data Protection Regulation (GDPR). Our security and trust webpage features an overview of our data privacy and security policies. You can also download our datasheet to learn more.
3. Data Encryption In Transit and At Rest
When properly encrypted, even compromised data is inaccessible. Our directly managed workforce prepares work in ISO certified delivery centers, using our secure, training data annotation platform. We encrypt client data in transit and at rest, to protect it from unauthorized access from ingestion all the way through to delivery.
4. Conduct Regular Audits
In addition to limiting data access, encrypting data and following industry-leading data security and privacy practices, consider doing regular audits to help keep your data secure. This could be done on a regular ongoing basis i.e., automated security scanning and pen-testing, in addition to annual or bi-annual checks that take a deeper dive into your infrastructure.
Data privacy and security are fundamental design requirements in our technologies, services, business practices and operations. We use a number of physical and logical security measures, including regular vulnerability testing, to protect client data.