Protecting your data from cyber threats
We regularly carry out regular penetration testing on CoB to ensure we detect potential vulnerabilities on your booking system, to ensure you and your parent's data is kept safe and you can focus on running your childcare setting. It is essential to monitor and check on-line systems and websites, as new cyber threats are found on an almost daily basis these days.
Data Protection and the GDPR (UK)
As part of our on going commitment to keeping personal data safe and carrying out our role as Data Processors on your behave, as the owner of the data and the Data Controller, it is part of ensuring compliance with GDPR (UK); the data protection legislation in the United Kingdom (UK), following Brexit. Previously, whilst the UK was part of the EU, the legislation was covered under the GDPR (EU) rules, but since 1st January 2021, the former regulations have come into force.
What is penetration testing?
A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. We use OWASP ZAP is an open-source web application security scanner. It is intended to be used by both those new to application security as well as professional penetration testers. It is one of the most active Open Web Application Security Project projects and has been given Flagship status.
Content Security Policies
We have also updated CoB with a Content Security Policy (CPS) that restricts content from third party websites and resources. This protects CoB from a number of potential cyber attacks, whereby hackers inject code into a web based system. This is commonly referred to as Cross-site scripting (XSS) and is one of the most common vulnerabilities.