Sherwood Compliance provide bespoke software solutions to the insurance industry and are ISO9001 accredited.
Under strict compliance standards from major insurance companies, Sherwood required a new IT infrastructure and also a back up and disaster recovery solution to meet all of their legal requirements. Any inability to meet the requirements could result in revoking of their licence to carry out their business activities.
To achieve Sherwood Compliance’s requirements, we used Windows Server and worked with the internal team to design, plan and implement a company wide computer policy. This policy comprised: folder based permissions; encryption of all company computers with a boot on pin code; disabling the ability to copy data to removable devices; ensuring that all laptops used folder redirection; strict password complexity requirements enforced.
Back ups were changed from using removable hard drives to taking snap shots of the servers and encrypting them using 256AES onto network storage and copied cross site for disaster recovery. If one site fails, the other site can take over.
Benefits: After an ISO inspection, all systems were passed as fully compliant. Reflective IT continue to maintain and support this infrastructure to ensure ongoing compliance.