Auto Finance Technology

Driving Financial Innovation in Finance Technology

Auto Finance Technology Ltd is a software solutions provider specialising in the development, deployment, and maintenance of a unique technology solutions tailored for the motor trade industry.

Contact Us
Services

Where Impossibility Meets Innovation

We're not just about selling cars; we're about redefining the entire motor trade experience. Our flagship product, the motorsales CRM, is the powerhouse behind your success in the dynamic world of used vehicle sales and finance.

iso 27001

What ISO 27001 is and why is it important?

ISO 27001 is an internationally recognised standard for Information Security Management Systems (ISMS) that helps organisations protect sensitive information, comply with regulations, mitigate risks, ensure business continuity, gain a competitive edge, and build trust with stakeholders.

It promotes a proactive and systematic approach to information security, making it a vital framework for data protection and risk management in today's business landscape.

Learn more
Cyber Essentials Certification

Cyber Essentials Certification

Auto Finance Technology (AFT) is pleased to announce that it has achieved Cyber Essentials Certification. Cyber Essentials is a government-backed scheme that helps organisations of all sizes protect themselves against common cyber threats. It is based on five technical controls that are proven to be effective in defending against a wide range of cyber attacks.

The National Cyber Security Centre, a government department part of GCHQ, backs Cyber Essentials. The NCSC is the UK's technical authority for cyber security, and it works to protect the UK's critical services from cyber attacks, manages major incidents, and improves the underlying security of the UK Internet.

Learn more
FAQ

AutoFintech FAQs

Here are some common questions and answers regarding our commitment to data protection:

ISO 27001 is an international standard for managing information security. It provides a framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The certification demonstrates that an organisation has identified the risks, assessed the implications, and put in place systemized controls to limit any damage to the organisation.

The importance of ISO 27001 certification lies in its comprehensive approach to securing the confidentiality, integrity, and availability of corporate information. It's crucial for protecting sensitive data, complying with legal requirements, enhancing customer and stakeholder confidence, managing and mitigating risks effectively, and securing an organisation's information assets.

ISO 27001 benefits customers by ensuring that their data is handled securely and confidentially. This certification reassures customers that the organisation adheres to the highest standards for information security, thereby reducing the risk of data breaches and increasing trust in the organisation's ability to safeguard sensitive information.

As a company certified in both Cyber Essentials and ISO 27001, our compliance with UK GDPR is grounded in robust cybersecurity and data management practices. Cyber Essentials' certification demonstrates our commitment to fundamental cybersecurity measures, protecting data from common online threats. ISO 27001, with its focus on information security management, ensures that we have comprehensive systems and controls in place to protect the confidentiality, integrity, and availability of personal data.

Specifically, we adhere to UK GDPR by conducting regular data protection impact assessments, ensuring that personal data is processed lawfully, transparently, and for specified purposes. We maintain stringent data security protocols, including encryption and access controls, to safeguard data. Additionally, we ensure ongoing staff training in data protection, have clear procedures for responding to data breaches, and uphold individuals' rights concerning their data. Our dual certification underpins these efforts, reflecting our holistic and proactive approach to data security and compliance.

Under the requirements of ISO 27001, Cyber Essentials, and UK GDPR, our security practices are audited and improved on a regular basis to ensure ongoing compliance and optimal data protection. Specifically:

ISO 27001: This standard necessitates an annual surveillance audit with a comprehensive re-certification audit every three years. Additionally, it requires regular internal audits and management reviews to ensure the Information Security Management System (ISMS) remains effective and responsive to changes.

Cyber Essentials: While this certification is renewed annually, we continuously monitor and update our cybersecurity measures in line with evolving threats and technological advancements.

UK GDPR: Although there is no fixed audit schedule mandated by UK GDPR, we conduct continual assessments of our data processing activities. We conduct regular reviews of our data protection practices, including impact assessments for new projects and periodic audits to ensure GDPR compliance.

Overall,our commitment to these standards involves a continuous process of monitoring, reviewing, and improving our security practices to stay aligned with the latest threats and regulatory requirements. This approach ensures not only compliance but also the highest level of security and trust from our customers.

Two-factor authentication (2FA) is a security process in which users provide two distinct forms of identification to access a service or system. Typically, this involves something they know (like a password) and something they have (such as a mobile device or security token). In our organisation, we implement 2FA across all supplied CRM platforms and portals to ensure robust access controls. This additional layer of security is crucial for protecting sensitive data and preventing unauthorised access.

In the motor finance industry, many portals unfortunately still do not include two- factor authentication, which we view as a significant security risk. Recognising the potential vulnerabilities this poses, we strictly require all our customers and employees to use 2FA when accessing our systems. This policy not only aligns with best practices in cybersecurity but also demonstrates our commitment to safeguarding our clients' and company's sensitive information. By insisting on 2FA, we significantly enhance the overall security of our digital interactions and transactions.

This is an integral part of its broader framework for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System (ISMS).

Compliance and Audits

Our Commitment to Compliance & Audits

At Auto Finance Technology Ltd, we are dedicated to maintaining the highest standards of compliance and undergoing regular audits to ensure the security and integrity of your data.

Contact Us