The importance of board-level security
The importance of protecting the documents and data your board handles can’t be overstated. Recent data from IBM shows that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase compared to 2020. That’s not to mention the reputational damage a leak can bring.
High ranking individuals within organisations are emerging front and centre in this battleground. Research from Ponemon Institute shows that criminals increasingly target senior executives and board directors with sophisticated cyberattacks, with attacks even extending to family members. Almost half of organisations (42%) say their senior people and boards have been targeted in this way over the past two years.
Partly, this is because senior execs and board members have high level access to confidential company information. Partly, as companies improve security on their networks, it’s because cyberattackers choose to bypass these measures with targeted personal attacks that expose different kinds of human and technical vulnerabilities.
Whatever the reason, the need for advanced protection of board documents (whether they are in storage, in transit, or in the hands of users) is clear.
Admincontrol for document security
Needless to say, at Admincontrol we take security and the protection of access to board documents very seriously. Over the past 18 years, we have created over 10,000 board portals that help boards work securely, with data stored in the Nordic region and stringent protection at all points of potential vulnerability.
Security and privacy are at the centre of everything we do; both when we develop our solutions, and in our day-to-day operations and activities. Our goal, ultimately, is to ensure that your board can work productively, with maximum impact...but within a safe environment that mitigates all security risks.
Let’s break down what that means – and how it can help to make sure your board’s work is protected and secure.
Protecting documents and the way your board works
Admincontrol’s board portal provides your board and executive management team with a digital platform for document sharing, collaboration, and access to a historical digital archive and board documents online and offline.
First, you’ll want to know how we protect the way your board members access those documents. And also, how we protect how they work with the documents and collaborate. We do this in several ways:
- Multifactor Authentication – Simple username/password access to systems, board portals included, is a known security frailty. Research shows that 90% of passwords can be cracked in less than six hours, two-thirds of people use the same password everywhere and 57% of people who have already been scammed in phishing attacks still haven’t changed their passwords. We provide a robust solution to this issue by using an authenticator app or other additional security measures (an additional layer to traditional username and password logins). This ensures that only approved people can access the portal and the documents it contains.
- Ringfenced communication – Securing the way your board communicates and collaborates is critical. With board portal, all communication can be kept within the secure boundaries of the portal. This means board members do not need to share information or documents via insecure and vulnerable channels like email – this can be a particular danger if people use personal email from home.
- Access controls - We also provide role based permissions to restrict access to confidential documents. These are secure, customisable-permission settings, so only certain users can access particular documents of varying confidentiality level (depending on their roles). With our role based permissions function, you can also set printing and downloading rights, so you can choose which documents can be printed or downloaded, and which users can do what with their available documents.
- Full document audit trails – In the event of a breach, you need to know who had access to which documents and when. All documents in our board portal are watermarked when users download or print them. The watermarks contain information about when the document was printed or downloaded and by whom. You can follow the audit trail easily using our reporting tools.
- Device control – We provide your board with access to our board portal on mobile devices via a native app. That means board members can work productively and efficiently from anywhere. But what if those devices fall into the wrong hands? We enable your IT administrators to remotely wipe the content in the app if the device is lost or stolen. We also allow you to manage on which device the user can access the board portal. People today, board members included, use many devices that they share with family members. It’s important to limit access to a certain number of approved devices.
Protecting your documents in our environment
With security and protection of access to documents top of mind, we also have strong internal security measures in place that provide assurance that your information is safe with us whether it’s in storage or in transit.
- Storage and servers – For example, we only use dedicated servers and storage based in the Nordic regions, so we have total control of how your documents are processed and stored. When we dispose of our production system storage media, we guarantee that all information is erased.
- End to end data encryption – We ensure that all communication between end point devices and the server is TLS encrypted using an Extended Validation SSL Server Certificate (https). When data is ‘at rest’ (or in storage), we also encrypt documents with strong AES 256 encryption. The encryption key is unique to your organisation, and stored in an encrypted key server.
- Intrusion Prevention System – We have a rigorous system in place to detect and stop intrusion attempts, DDoS attacks and unwanted network activity at an early stage. This protection runs 24 hours a day, 365 days a year. Plus, our app has state of the art protection that works as a shield against any kind of mobile cyber-attack or reverse engineering attempts. This, combined with military grade encryption of all data stored within the app, ensure that your documents are secure.
- Physical security – We have many physical security measures too. For instance, we screen all new employees before we offer them employment. Our screening process includes a background check on the employee’s previous roles. We also ensure all employees sign our confidentiality agreement. And we secure our production environment to prevent unauthorised physical access, damage and interference to information and information processing facilities. This helps to prevent loss, damage, theft or compromise of all the assets that we hold on your behalf.
Future proofing the security of your board’s work
‘Security is an enabler’ has long been a business cliché, but for good reasons grounded in solid truth. With our documents security measures in place, your board is free to work efficiently and effectively with your most confidential information, without fear that they will be compromised by emerging and future security threats.
To support this promise, we regularly review our solutions and document security measures to make sure they are fully up to date. For example, we guarantee that we patch, update and protect all our software and infrastructure against the latest threats or any vulnerabilities. We perform regular penetration testing carried out by an independent third party. And we submit to an annual information security audit, performed by Deloitte, that results in an SOC 2 Type II report issued under the ISAE 3000 standard.
We are also fully compliant with ISO 27001:2013 - the international standard that describes best practice for an Information Security Management System. The ISO 27001:2013 certification is a critical test of any board portal provider because it covers the entire business, process and products and demonstrates a robust commitment to providing excellent security throughout every aspect of its service.
In choosing Admincontrol, you're not just securing your board's present; you're future-proofing its operations against the ever-evolving landscape of cyber threats. Your documents are not just safe; they are in the hands of a partner committed to delivering excellence in every aspect of board-level communication and security.
What our customers say
“We are very pleased with Admincontrol`s board portal, providing us with a secure, efficient, and user-friendly tool for our board work. Geomatikk`s vision is to provide society with uninterrupted access to critical infrastructure, so security is very much ingrained in our DNA. Knowing we have a board portal provider which has equally high standards on this aspect is reassuring.”
Geir Hansen, Group CEO, Geomatikk
Conclusion: Unparalleled security for your board
In a world where the stakes of data breaches are higher than ever, securing your board's most sensitive assets is paramount. We are with you every step of the way, offering an all-encompassing solution to deliver comprehensive board-level security and enhance and accelerate your board’s performance.
From shielding against cyber threats to safeguarding your board's collaborative processes, Admincontrol's board portal ensures multifaceted protection. Our commitment spans two decades, empowering boards across Europe to work securely in a digital environment, with robust measures in place at every vulnerability point.
Why not speak to one of our experts to find out more about how our board portal could ensure the security of your board today?
Simply complete the form and we will be in contact with you shortly.