The letter I did not want to receive!
Last Saturday, just like each week, I went to retrieve my mail where, usually, a few remnants await. Located at more than one kilometer away from my home, my postal box was relocated after the most recent reform of Canada Post, the first sign of the current digitization of society. For the first time, I apprehended this event, a sentiment that is probably shared by the 2.9 million of Quebec members that were affected by the data theft at Desjardins.
Despite the fact that, in the context of my occupation, I have to always stay informed on the latest trends of data security, when I saw the letter, I could not help but reflect on the possible impacts of this data theft; the fact that ill-intentioned people robbed my personal data represents a risk for my family and myself. If the short terms consequences are unlikely, the medium and long-term consequences are a source of preoccupation. No business is fully immune to such gestures and the intern processes must be reviewed constantly to ensure that the risks are minimized.
At Alfred, each year – during the month of September – we re-evaluate our politics and our measures to this effect. As we have received a number of questions on this subject in the past few days, we will answer a few of these through our blog. Here is a first one:
Question: “The Desjardins situation has brought to light questions on our private data protection. Do the applications that I use share my data and does your business uphold measures to ensure the security of this data?”
Answer: “Alfred maintains confidential data of its clients in the strictest confidentiality and does not divulgate it to other parties, such as its partners, and does not reproduce said data without having specifically received written permission to do so from the client. Alfred is committed to only divulgating this private data to the employees, directors, administrators or representatives that require it, while also upholding extremely strict confidentiality standards for these individuals.”
There are only a very restricted number of employees that can access some personal data of our clients to ensure technical support. Each Alfred employee is periodically submitted to various security controls by an independent firm, including criminal record and credit evaluations.
We will cover a second question next week on our blog.