Emails, as we know, are very popular for valid reasons which explain its strong presence in a company’s operation… even in 2020.
Dangerous reality #1: Everyone has an email address with its mailbox on their electronic devices (computer, phone / tablet). In terms of accessibility, it couldn't be better.
Dangerous reality #2: It is possible to get in touch by email with someone we don't know. Think about it, it is a reality that systematically requires increased vigilance.
What needs to be changed #1: An unknown person could send you an email hacking attempt on all your devices.
What needs to be changed #2: Keep the content of emails only for non-sensitive information.
The best security advice is to start simple and effectively
Engage your employees in a safety policy with shared responsibility
Reality: A low level of awareness and a malicious state of mind are explosive elements to undergo a cyber incident deliberately triggered by an insider.
What needs to be changed: Training on the value of data and on the definition of the data processed by your organisation is the key to avoid internal cyber attacks. Once the training is done, your employees need to commit to good governance and use of the data they will be processing as part of their job. When we are accountable for our actions, it always has been a good formula for doing the right thing.
Invest in security solutions that are simple to use
Reality: Computer security is a science with countless variations. On the other hand, there is a basic cyber-hygiene, such as not using emails to share and store confidential content, that must be present in order to optimize your level of security.
What needs to be changed: There are several tools that offer you very high levels of protection, but it is important to validate that they are easy to use. A very common trap, but one that you must avoid, is setting up a security solution that is complex to use. For example, if you ask not to use emails in your organization, but your alternative solution is not user-friendly and simple to use, your clients and colleagues will very quickly abandon the secure solution and unsecured email will return to your operations.
Beware of widespread computer systems in your organization.
Reality: Excessive promise that technology brings absolute productivity. Whether it's after following the advice of a representative from a large foreign company or an operational performance consultant.
What needs to be changed: Your company should not have all its activities on the same system or have all its data centralized on the same server or network.
Encrypted sharing platform which is easier to use than email
We position ourselves as a portal to your company that, at its simplest, replaces the sharing of confidential data by email.
TagMyDoc is safer, but also much more productive for everyone. Avoid hours of searching through your email chains to find an attachment or a note received by email. With TagMyDoc, it's only a matter of seconds before finding your confidential content. We are continually researching and developing to be a leader in what we do. Naturally, when we talk about security, in addition to offering the latest standards in data security and governance (availability, integrity and confidentiality of data), we use the best encryption practices.
If you want to know more about TagMyDoc's security and what it can do for your organization, get in touch with one of our experts.
TagMyDoc infrastructure security
TagMyDoc uses Amazon Web Services to host your data in Canada (Canada Central). AWS also maintains the following certifications: HIPAA, GDPR, ISO 27001, SOC 1/2/3, Directive 95/46/EC and PCI DSS Level 1
Two Step Authorization
Combined with the Google Authenticator app, one-time password codes are used for two-step authorization in TagMyDoc. Even if your password is stolen, your account will not be accessible to a potential hacker.
TagMyDoc has more than 10 years of experience in developing web projects according to the highest industry standards in terms of security and performance. TagMyDoc users benefit from all this experience and our development philosophy "privacy by design".
Your Data is Safe
Even in places with public WiFi connections (cafes and airports), TagMyDoc passwords cannot be stolen. Users can confidently open their TagMyDoc account in public places via WiFi or mobile network connections. TagMyDoc is accessible exclusively via an SSL connection, regardless of the action you take on the platform.
All data centers used by TagMyDoc are protected in accordance with the strictest industry certifications and standards (which includes access to physical storage media based on biometric data and maximum protection against intrusion). All the details here: https://aws.amazon.com/compliance/data-center/data-centers/?nc1=h_ls
User data is isolated at the database level. We also offer isolation at data center level. The data of our users is isolated in such a way that there is no possibility of receiving access of another user's data by accident.
TagMyDoc uses two independent data centers and redundancy to ensure that the service is available to the maximum.
Backup copies of your data are created daily.
Data transfer for all users is carried out via an SSL-encrypted connection.
Policies and security
Your data deposited on our architecture is encrypted in transit and at rest. We do not earn any revenue from the sale of user data on our architecture.
Terms and conditions of use
The GDPR is a good thing to eliminate the malicious exploitation of digital data in the business world. Whether it's the completely transparent use of information, more visibility into processing or the right to forget. We have online governance with GDPR. If you have any questions regarding this subject, you can send an email to the following address: firstname.lastname@example.org
DPA means "data processing agreement". When TagMyDoc works with suppliers who will process confidential data (customers, prospects, employees, ...) in the course of providing services, it is mandatory to enter into a data processing agreement or DPA. This applies to our clients towards their clients.