As part of our ongoing commitment to ensuring the highest standards of information security, we require confirmation that your organisation adheres to the following information security practices. This is essential to maintain the integrity and confidentiality of customer data and to comply with relevant legal and regulatory requirements.

1. Access Control: Only authorised personnel should have access to customer data. Access must be granted based on the principle of least privilege, ensuring that individuals only have access to the data necessary for their role.

2. Encryption: All customer data must be encrypted both in transit and at rest using industry-standard encryption protocols. This ensures that data remains secure and protected from unauthorised access.

3. Data Minimisation: Your organisation should collect and retain only the data necessary for the support task. Any unnecessary data must be securely deleted to minimise the risk of data breaches.

4. Regular Audits: Conduct regular audits to ensure compliance with this policy and to identify any potential security vulnerabilities. This proactive approach helps in maintaining robust security measures.

5. Training: Provide regular training to support staff on data protection and information security best practises. This ensures that all personnel are aware of their responsibilities and the importance of maintaining data security.

6. Systems: The systems you work from must adhere to recognised best practises. This includes applying security patches and updates, installing anti-malware and virus software, ensuring operating systems are in support, and implementing necessary access controls for system logins. Multi-factor authentication (MFA) measures should be in place for cloud-accessible accounts.

7. Information Security Policy: Your organisation must have a known and recognised Information Security Policy in place. This policy should outline the procedures and measures taken to protect information assets and ensure compliance with security standards.