At The Software Bureau, we take information security seriously. Our recent retention of the ISO 27001:2022 certification reflects our ongoing commitment to protecting sensitive data and maintaining the highest standards of security across our operations.
However, the recent data breach involving LNER’s customer communications database, managed by a third party supplier – https://www.printweek.com/content/news/lner-data-accessed-in-customer-comms-breach, is a stark reminder that security must extend beyond internal systems. Reports indicate that unauthorised access was gained through a supplier, compromising customer data and raising serious concerns about vendor oversight.
This incident reinforces a critical point. Your organisation’s data security is only as strong as the weakest link in your supply chain.
While The Software Bureau does not share any customer data with third parties, we still apply rigorous standards when working with suppliers who support our infrastructure or services.
Customer trust is built on transparency and accountability. That trust can be quickly eroded if third party partners fail to uphold their responsibilities.
We urge all organisations to review their vendor relationships and ensure that every partner involved in their operations is aligned with robust security standards. Information security is not optional. It is essential.
To learn more about our approach to data protection, read our latest update: https://www.thesoftwarebureau.com/the-software-bureau-retains-iso-270012022-certification/
