Protecting customer data during the Coronavirus (COVID-19) pandemic

Posted by: Lowell|May 04 2020


Our priority is understanding our customers’ situations and helping them find the right solutions. We’re working hard to make sure we're providing the support they need and, in line with the Government’s guidance, our colleagues are doing this from home.

We take data protection and the security of our customers’ data very seriously.  As a result, we have put a range of security measures in place to make sure that their data is safe.  These measures are in line with the official guidance around working from home from both the FCA and the ICO. Please see the ICO’s website at for more details.

Here are some of the things that we are doing to keep customer data safe: 

  • All of our colleagues receive regular training on data protection and information security. In addition, we have issued home-working guidance to all colleagues that they must confirm they have read. The guidance reminds them of their obligations to maintain customer confidentiality and provides practical ways to do that when working from home.

  • We are ISO27001 certified – this means that our Information Security Management System meets the international standard.

  • All colleagues must be aware of and apply our security policies, standards and procedures that they can refer to at any time via our intranet.

  • We comply with the Payment Card Industry Data Security Standard for card payments.

  • Our colleagues access our systems through a Virtual Private Network (also known as VPN) with multi-factor authentication to prevent unauthorised access to our data and systems.

  • We use data loss prevention tools – these automatically block unauthorised sharing or emailing of confidential information.

  • We have prevented colleagues from using removable media and printers where it is not essential to their role. Only a limited number of authorised colleagues can transfer information from their computer to USB memory sticks and no colleague can print at home.

  • We have anti-virus and anti-malware software on all colleague computers as well as protecting our email and internet systems.

  • We use email filtering – emails are scanned to stop our colleagues from getting phishing and spam emails.

  • All colleague computers are fully encrypted with industry standard encryption.

  • Colleagues are only able to access the websites they need to do their job – they can’t access personal email or file sharing sites.

  • We monitor access and changes to files – this includes logging all access to customer data.

  • Our security operations centre monitors our security systems 24 hours a day, 7 days a week to make sure our systems are operating correctly and to monitor for any potential activity that may pose a data risk.

If you would like to find out more about how we are protecting customer data, please speak to your Lowell contact or use the website contact us form.


Keep up to date with Lowell Insights