EU GDPR Overview
Compliance with the European Union General Data Protection Regulation (GDPR) is required of any
organisation that either does business in the EU or collects, processes and
stores personal information of EU citizens. The Rules became enforceable in
May 2018 and are more stringent than the preceding legislation. Compliance is
compulsory: as a regulation, the Rules apply directly, so each member state does
not have to ratify them into its own law.
The EU GDPR is not very prescriptive about the technology controls
required; rather, it states that appropriate organisational and technological
controls must be in place to protect sensitive data. Encryption is of course
essential, but organisations must understand their business operations and their
data movement to determine which controls, technical or procedural,
deliver the most effective method of ensuring GDPR compliance.
Data Processors and Data Controllers
The Rules also introduce the concepts of Data Processors and Data Controllers. A
Data Processor is the designer and owner of the software. Back Office Solutions
Ltd (BOSL) is, by definition, a Data Processor. The responsibility of BOSL is to
ensure that technical controls such as encryption, firewalls and
password masking are in place. The Data Controllers are the individual users within our
client companies. It is important that each user understands their
responsibilities under the Rules to keep client data safe and then acts
accordingly when using the systems.
Data Protection Officers (DPO)
We have appointed Sophy Blakemore as our DPO for monitoring compliance with the
EU GDPR and other data protection laws that may apply to us.
Privacy by Design
The Rules introduce the concept of Privacy by Design, which requires that all
strategies and controls put in place to ensure compliance treat the need
for data privacy as their core, shielding organisations from damaging data breaches and
possible sanctions. With this in mind, and whilst not an exhaustive list, BBO has
the following controls in place.
Email Address Verification
All our users have a unique username, i.e. the email address itself.
User Set Passwords
Passwords are set by the users themselves using registration forms, rather than
the old practice of issuing users a password to change in their profile after
login.
Password Encryption
We use 256-bit technology to ensure that passwords cannot be hacked, and
aggressive firewalls to filter unusual activity.
Password Masking
Password masking ensures that people use strong words with unusual combinations. Follow-up
verification uses the memorable word with random combinations of digits, or captchas,
to protect against internet hacking attempts by robots. If a password is
forgotten it can only be reset using secure methods and email verification.
Managed Service Agreements
All our client companies have to sign an agreement to assure us that they
understand their obligations and responsibilities under the EU GDPR. We also
recommend that our client companies do the same with their users.
A Breach Register
A register in which any diagnosed misuse by registered users is recorded.