Online solutions provider Ebbon-Dacs has achieved an internationally recognised standard for its information security, to ensure it meets the data protection requirements of the company's major contract hire and leasing clients.
Ebbon-Dacs online solutions are used by many of the UK’s major vehicle leasing companies, including nine of the 10 largest, to help sourcing, acquisition and vehicle movements on behalf of fleet clients.
Its products include the Leaselink e-procurement system and the complementary vehicle delivery and collection system moDel, both of which process large volumes of client data and information.
Leaselink alone handles 170,000 new electronic vehicle purchases annually, while some 20,000 vehicle movements are processed through the moDel system every month.
Most major leasing companies now require suppliers in their supply chain that process large amounts of confidential client information to have the appropriate information security management systems in place to properly safeguard data.
In response, Ebbon-Dacs has achieved ISO 27001, which demonstrates that a company is following information security best practice. Accreditation provides an independent, expert verification that information security is managed in line with international best practice and business objectives.
Ebbon-Dacs chief information officer Dave Minto said: “As a major supplier to the vehicle leasing and contract hire sector, it was essential that we demonstrate to the industry that we are fully adept in handling confidential client information and that the correct security protocols are in place.
“Whilst we had good security management, procedures and systems in place, we wanted to put them to the test against the very highest ISO standards, so we could identify any areas for improvement, as well as promoting our achievement to current and future clients.”
Companies throughout Europe are reviewing their IT security policies in preparation for the introduction of the new European General Data Protection Regulation (GDPR), which introduces tougher standards for companies that handle personal data as well as harsher penalties for data breaches and service failures.