Privacy at Futurebooks – Part II

May 26


In Part I of the series “Privacy at Futurebooks”, we shared how Futurebooks uses robust encrypted machines and internet networks. In Part II of this series, we look specifically at Futurebooks’ security measures around email, calendars and document collaboration.

Google Apps for Work

We use Google Apps for Work to power our communications. Having a trusted external vendor manage our email is in keeping with our company’s methodology of specialising in our core services and leaving the rest to specialist companies who excel at what they do. We are in the company of local establishments such as the Ministry of Education Singapore [1] and Fraser & Neave [2], and international organizations such as Xero [3] and Jaguar Land Rover [4]. Specifically, we have deployed the Google Apps for Work version with Google Vault for all our employees.

Service Level Agreement with Google

As a business customer of Google Apps, we are covered by a 99.9% uptime SLA [5]. Futurebooks retains ownership of data and it is not used for advertising purposes by Google [6].

DKIM Mail Signing

We have enabled signing of all outbound email from @futurebooks with DomainKeys Identified Mail (DKIM) [7]. Sender Policy Framework (SPF) [8] is also enabled for our domain futurebooks.com. This DKIM and SPF deployment, combined with our published Domain-based Message Authentication, Reporting & Conformance (DMARC) [9] policy, means that recipient email systems can automatically verify that a mail from @futurebooks.com is genuine.

 


Emails coming from Futurebooks are DKIM-signed, with a published DMARC policy.

 

eDiscovery and Data Retention

We have archiving enabled for ten years, which exceeds the five-year data retention requirements set by the Inland Revenue Authority of Singapore (IRAS) [10] and the Accounting & Corporate Regulatory Authority (ACRA) for professional firms. This means that even if an individual user deletes an email, a central archive is maintained of all electronic communications via @futurebooks.com. We also have eDiscovery and detailed audit reports enabled through Google Vault [11].

 


A secure vault of email communication is maintained for ten years. This is auditable, and incorruptible by users.

 

Encryption

Emails, attachments and calendars stored at @futurebooks.com are encrypted using 128-bit or stronger Advanced Encryption Standard (AES) [12]. When we send emails, they are encrypted in transit using Transport Layer Security (TLS) with perfect forward secrecy enabled [13]. For this to be fully secure, the email system on the other end must support encryption as well [14].

Chrome

We use Google Chrome as our default browser since it allows our domain administrator to set user policies centrally. We are also impressed by Chrome’s built-in Safe Browsing technology, which has anti-phishing, anti-malware, sandboxing and auto updates enabled [15]. In addition to this, we have a Chrome security extension, Traffic Light from BitDefender, that constantly scans links and tells us whether they are safe to visit, even before we click the link.


We get a literal green light to let us know that we are headed to a safe part of the internet, thanks to BitDefender’s business-grade protection.

 

Our access to Futurebooks mail, calendar & drive services is strictly by SSL only, enforced at a domain level. This means that even if there is potential data leakage while accessing the internet through a public network, snoopers will not be able to see our domain data. We do have additional security measures in place, in the form of a VPN, for our MacBooks accessing the internet through public networks; read more about that in Part I.

 

Access to the Futurebooks domain data is strictly via encrypted HTTPS protocol.

 

Anti-virus, Phishing, Spoofing and Spam Protection

We adopt a multi-layer approach to combat these threats: a hardware firewall and Unix-based systems, as elaborated in Part I; a secure browser, as we touched upon above; an enterprise-grade anti-virus scanner that’s constantly on; and lastly, but most effectively, Google’s anti-virus, anti-phishing and anti-spoofing protection that’s built right into Google Apps Mail. The powerful spam filters also save us tons of time, getting it right 9 out of 10 times (we still scan our spam folders to see if any legitimate mail ended up there).

Two-Factor Authentication

All users of @futurebooks.com are required to have two-factor authentication turned on. This requirement, coupled with sensible minimum-length passwords, helps keep unauthorized access out. We monitor compliance domain-wide on this with periodic reports.

Leaving Employees

We have disabled auto-forwards and take-out of data by employees. All emails belonging to employees who leave Futurebooks are archived securely, and their access to the @futurebooks domain is revoked as soon as they leave.

 

Keeping our clients’ financial and personnel data private is a responsibility we take seriously. One of the most important steps any client or partner of Futurebooks can take to prevent phishing attempts is to ensure that emails are indeed coming from @futurebooks.com and not a misspelled domain like @futurrebooks.com. If any email seems suspicious, call us!
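The recipient-side check described under “DKIM Mail Signing”, together with the misspelled-domain check above, as an added example that is not Futurebooks’ or Google’s code. The Authentication-Results values are constructed samples, the function names are hypothetical, and alignment is simplified by assuming the From: domain is an organizational domain.

```python
import re
from difflib import SequenceMatcher
from email.utils import parseaddr

EXPECTED = "futurebooks.com"  # the domain the page tells recipients to check for

def aligned(auth_domain, from_domain):
    # Simplified relaxed alignment: assumes from_domain is an organizational
    # domain. Production DMARC code derives it from the Public Suffix List.
    return auth_domain == from_domain or auth_domain.endswith("." + from_domain)

def dmarc_pass(from_domain, auth_results):
    """True if the header records an aligned DKIM or SPF pass for from_domain."""
    patterns = (
        r"dkim=(\w+)[^;]*?header\.d=([\w.-]+)",
        r"spf=(\w+)[^;]*?smtp\.mailfrom=(?:[^;\s@]*@)?([\w.-]+)",
    )
    for pattern in patterns:
        for result, domain in re.findall(pattern, auth_results, re.I):
            if result.lower() == "pass" and aligned(domain.lower(), from_domain):
                return True
    return False

def classify(from_header, auth_results, expected=EXPECTED):
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if domain == expected:
        return "genuine" if dmarc_pass(domain, auth_results) else "spoofed"
    if SequenceMatcher(None, domain, expected).ratio() >= 0.85:
        # DMARC cannot catch this: a lookalike domain can pass its own checks.
        return "lookalike"
    return "other"

# Constructed sample messages: (From: header, Authentication-Results: value).
SAMPLES = {
    "genuine": ("Accounts <accounts@futurebooks.com>",
                "mx.example.net; dkim=pass header.d=futurebooks.com; "
                "spf=pass smtp.mailfrom=futurebooks.com"),
    "spoofed": ("Accounts <accounts@futurebooks.com>",
                "mx.example.net; dkim=none; "
                "spf=pass smtp.mailfrom=bounce@mailer.example.org"),
    "lookalike": ("Accounts <accounts@futurrebooks.com>",
                  "mx.example.net; dkim=pass header.d=futurrebooks.com; "
                  "spf=pass smtp.mailfrom=futurrebooks.com"),
}

if __name__ == "__main__":
    for label, (from_header, auth_results) in SAMPLES.items():
        print(f"{label:10} -> {classify(from_header, auth_results)}")
```

A receiver should trust only the Authentication-Results header added by its own mail server, since a sender can include a forged copy of that header in the message.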

 

Sources:

[1] Singapore’s Ministry of Education and 30,000 teachers go Google, Google for Work Blog
[2] F&N Singapore Goes Google, CIO Asia
[3] Going from Xero to 100 with Help from Google Apps and Drive, Google for Work Blog
[4] Why Jaguar Land Rover Chose Google Apps, Information Week
[5] Google Apps SLA 99.9% uptime, Google for Work Help
[6] Ownership of Data & no Ads Policy, Google for Work Help
[7] DKIM email signing in Google, Google Apps Administrator Help
[8] SPF for Google Apps, Google Apps Administrator Help
[9] DMARC Policy, Google Apps Administrator Help
[10] Record Keeping Guide for GST-registered Businesses (Fourth Edition)
[11] Google Vault, Google Apps Vault Help
[12] Does Google encrypt my data?
[13] Google forward secrecy
[14] Encryption from and to requires the other party’s email system to be encrypted as well – here are some stats on this
[15] Chrome Browser Security

 
