Data Security and Privacy

Scantek’s multi-tier security protects your business from cyber-attacks and data breaches
data protection

For over a decade, we've been tightening our heavy-duty data security posture to safeguard your business.

We know scammers will do anything to get private customer details, so data security is one of our highest priorities. We’re laser-focused on safeguarding you from insider threats and human error, two of the leading causes of data breaches.

Group 632

We maintain the gold standard in information security by layering policies, processes, and controls to shield your systems and verification data: ISO 27001 compliant, specialist security designers, multi-tier security architecture

Conveyancing ID checks

The concerning truth about digital data storage

The digital transformation in recent years has seen many more businesses gain online accessibility. Volumes of valuable data are now created and hosted online, including personal identity information (PII), trade secrets, and intellectual property.

Scams to access that data are becoming more sophisticated. They are so sophisticated that even large companies fall prey to them.

Now, more than ever, it’s important to guarantee the protection of personal information collected from your customers.If you can’t, you risk data breaches that expose your customers to potential harm. That’s damaging to your brand and your reputation, too.

You need data security that both you and your customers can trust.

What’s best practice in data security?

Data security is about protecting digital information from unauthorised access, corruption, or theft at any given time. You want your data security to be multifaceted.

Bulletproof infrastructure and technology

Cybercriminals dig for weak spots in your security framework. To prevent access to sensitive customer information, your digital environment must be advanced enough to match a rapidly changing landscape.

Scantek’s digital infrastructure has multiple layers of security built on zero-trust and privileged access principles.

We help you carry the responsibility of protecting your customer or employee verification data by keeping it safely within our secure environment.

You also eliminate the risk of PII being accessed if your own business system is ever breached because the information is stored on our turf, not yours.

data security
Data security specialists

Specialist insight and design

Security infrastructure must be built by experts to be trustworthy. Architects need advanced knowledge to design storage systems that will withstand multiple cyberattacks. The infrastructure must also stay up-to-date with emerging trends in cybersecurity.

Scantek’s specialists lead the way in secure digital verification.

Not only do we employ the brightest and best to keep developing our systems, but we back our process with an advanced ecosystem. This evolving system keeps us in touch with new technology booms and helps us stay relevant to current cyber threats.

Security that never falls asleep

It isn’t enough to simply have good infrastructure. Your security must remain unbreached for the entire lifecycle of the data and then be safely disposed of when no longer needed. Keeping data for longer than needed creates unnecessary risk.

Scantek can store data for as little as 28 days (for example, in venue entry verifications) or as long as 9 years (required for banking, financial services, and insurance (BFSI) compliance). After that, it’s permanently deleted.

Our technology lets you see exactly where critical data resides and how it’s being used, so you’re never in the dark about the information you’re accountable for.

data security

How Scantek protects your data

Scantek is ISO 27001 certified

Our ISO 27001 compliance means we provide the highest level of data protection and privacy in Australia. Formally known as ISO/IEC 27001:2013 Information Security Management, it’s the leading international standard on information security.

We’ve maintained compliance since 2018, and we’re externally audited every year to ensure we uphold best practices on:

  • Confidentiality: only authorized people have the right to access information.
  • Integrity: only authorized people can change the information.
  • Availability: the data must be accessible to authorized people whenever needed.

Small-scale businesses often use only single-tier security, where all information is stored on one server. Single-tier databases present security risks. If the server shuts down or is externally attacked, all information is affected.

Scantek uses a multi-tier cloud-based security architecture.

It’s like the bank vault of cyber security—every ‘door’ on every level (network, transport, or database information) needs a different key. This multi-level design minimises the surface area for a possible cyberattack.

When an intruder accesses business data, the business is vulnerable to identity theft, data leaks and other fraud. To reduce this risk, we use a zero-trust approach.

Authorisation must be proven at every level of access so that only the right people access the right data within the right conditions.

We implement controlled access using:

  • Vulnerability scanning across our systems and servers

  • Intrusion prevention and detection software

  • The principle of least privilegeaccess is on a right-to-know basis

  • Multi-factor authentication, with access tokens expiring every 30 seconds

One straightforward approach to the zero-trust policy is to eliminate the need for human handling of data. Since all Scantek verification data is collected digitally, no human eye ever sees the stored information. However, should authorities ever need to examine data on banned patrons or anomalies, it can be securely accessed.

Scantek stores all data behind a demilitarised zone. That means communication between untrusted external networks and private internal networks is tightly controlled.

We don’t host any databases offshore, where data protection laws differ, secure network connections are not guaranteed, and technology standards fluctuate. We use data centres across Sydney, Australia, to ensure an environment we can control, secure, and monitor.

Data is encrypted at rest and in transit using secure Transport Layer Security (TLS) protocols. Simply stated, data is scrambled during storage or transport between Scantek and another venue. A unique pair of digital keys, called RSA keys, is needed to unscramble it.

So, even in the unlikely event that a cybercriminal gains access to the data, they would need keys for each data set to make sense of it or cause harm.

Why Scantek

When you do digital security the right way, it’s far safer than manual methods. Hundreds of Australian businesses already trust us because our squeaky-clean track record is over 10 years old.

icon security

We practice what we preach

Since our business is about keeping you safe, we’re meticulous about verifying our own staff. As part of our industry compliance, we train all Scantek employees to be security aware. We work within strict confidentiality bubbles, applying zero-trust and privileged access principles to our own business.

Trusted

Trusted by Australian businesses

Data security is nothing new to us. It was a priority from the day we started because of the sensitive nature of information that verification requires. Since then, our security layers have grown more sophisticated. In over a decade, no criminal activity has breached our security.

multi-tier security

Trailblazing technology

Scantek employs leaders in the fields of data science and technology. We thrive on innovation, so you’ll often find us in think tanks, chipping away at our next breakthrough on tools or technology. Innovation and expertise ensure the data we protect on your behalf is safe, even as frauds evolve their tactics.

Group 632

That’s one of the reasons we’re trusted by hundreds of Australian businesses today. Our tried-and-tested technology has earned us a reputation for being the safest digital verification technology in the country.