Your Data is Safe in Ukraine
Data Safety as the Number One Concern
Have you ever felt anxious about outsourcing to Ukraine due to the unstable political situation in the state? Have you been worried about the safety of your money and data? Yes, with the growing frequency of private and state data leaks, identity thefts, and cyber terrorist attacks, you actually should be badly concerned about whom to trust with your personal information.
Recently, the European Union has enforced the General Data Protection Regulation (GDPR) in order to protect major businesses and average Internet users. While Ukraine is not a part of the EU (at least, yet), the GDPR has also caused a genuine IT-revolution here.
What Is the GDPR and Why the Fuss?
The GDPR was introduced on on May 25th, 2018, and shortly became the most profound data regulation reform in decades. It challenged not only the companies located in Europe but all the businesses regardless of their geographical location who deal with some personal data of EU citizens.
Your Data Is Safe in Ukraine
Economic, social, and legislative reforms are on the rise in Ukraine, which is recovering from its post-soviet era and strives to become a full-fledged member of the European Union. The IT industry in our country is the fastest-growing and most profitable, competitive, and promising sphere of running a business with a constantly increasing number of companies to outsource and a significant pool of talents.
The Ukrainian legislation on data safety fully complies with the GDPR, which is aimed at harmonizing data regulations across all the EU members and protecting the personal information of each EU citizen. The Data protection is regulated by the Constitution of Ukraine, the Civil Code of Ukraine, the Law of Ukraine “On Information”, the Law of Ukraine “On Protection of Information in the Information and Telecommunication Systems”, and the Law of Ukraine “On Electronic Commerce”.
All of those have been recently updated to comply with the GDPR and to address most topical challenges. According to Article 15 of the Association Agreement between the EU and Ukraine, the aforementioned legislative documents were revised by the Ukrainian Parliament Commissioner for Human Rights and aligned with the GDPR. Later, the updates were checked and confirmed by EU experts.
This change has shaken the IT world as it made all the companies considerably alter our approach to data safety in shortest terms and set the customer privacy as our principal business value. It has obliged us to ensure full transparency of personal data usage strategies, broadened the rights of data subjects, and increased the company’s liabilities in case of a data breach. In fact, a single violation of the GDPR may lead to a huge financial loss, which may account up to €20 million, depending on the severity of the offense. Obviously, no decent company wants to risk its money and reputation, so to comply with the GDPR is a compulsory and first-priority business objective.
Another growing concern with a regard to doing business in Ukraine is the unstable political situation in the state and the ongoing war in the East. Vendors express their concern with their data being physically blocked or destroyed in case something happens in the city where their outsourcing company is located. However, it is crucial to understand that no modern-day IT company stores data on a local, physically present in its office server, and neither do we. Instead, all of us use cloud technologies for the business and its partners to be able to access the necessary information 24/7.
KeenEthics Team on Guard of Your Data
Here in KeenEthics, we monitor all the Ukrainian and European legislation updates in order to ensure our full compliance with them.
We care about the safety of your data and make sure that no part of it is stolen, falsified, destroyed, or accessed unwarrantedly. We follow all the data protection requirements proclaimed in our business strategy, in the agreement with a business partner, and in the legislation of Ukraine and EU. We have gone through a long complicated legal procedure to ensure that we comply with the GDPR and to obtain the GDPR Compliant Badge.
We care about our own safety and conduct regular data security and personal safety training sessions with our team members. We make sure that all of us are well-aware of the necessity to use secure passwords and trusted, fully encrypted communication or data exchange channels, as well as of the potential risks associated with a failure to do so. Also, we have a hard-drive encryption policy, according to which every team member protects hard disc with a cryptographic key to ensure that the information stored on it cannot be accessed even if the computer is lost or stolen.
We care about our network to prevent any network intrusion.
We protect our data with two powerful protocols, namely NAT (Network address translation) and Firewall. NAT is a method that consists in altering network address information in the IP header while the packets are in transit across a traffic routing device and remapping an IP address space into another one. Firewall is a protection system that manages incoming and outgoing network traffic in accordance with a certain set of security principles.
We make sure that our wifi is secured and hardware and software of routers are up-to-date. Wifi is protected with a reliable encryption method and a unique password, which we regularly update. On a daily basis, we check available upgrades for our routers and install those as soon as there are any.
To make sure that our source codes cannot be unwarrantedly accessed, modified, or stolen, we store them on encrypted computers and in the cloud, which is secured with HTTPS and SSH protocols. HTTPS is a secure encoded version of HTTP, while SSH is a protocol for a secure access to a remote computer.
We care about the physical security of our office to keep unauthorized people away. We have an advanced system of surveillance and emergency alarms, make sure that no unapproved people are let inside, and oblige all our team members to sign a non-disclosure agreement to prevent an information leak.
Your trust is our highest priority, your data safety is our primary value. So, you do not have to hesitate whether to trust the KeenEthics team.
This article was originally published at KeenEthics Blog.
