Wednesday, 25 October 2017

Preparing your Recruitment Agency for GDPR: Disaster Recovery Planning



For those of you who have been following my recent series of articles on Preparing your Recruitment Agency for GDPR, I wanted to put pen to paper on one final topic on this theme; that of disaster recovery planning.

GDPR places an obligation on your agency to safeguard the personal data which it holds, and my previous articles have addressed key challenges around day-to-day ways to protect your data through effective risk management in relation to cyber security, insider threats and data backup.

However, with the best planning in the world, sometimes the unexpected does happen. We only have to look at the recent Wannacry ransomware attack that so devastated parts of the NHS to see the reputational damage and compliance breaches that can be caused by such an eventuality. It is therefore important from a GDPR perspective to have the appropriate incident response and recovery plans in place to handle such a situation.

Whilst having a technical disaster recovery plan is vital to recovering systems, it is equally important for the business continuity plan to cover how you would communicate details of an IT failure or data breach to customers, staff, suppliers, the Information Commissioners Office and the public at large to minimise the financial and reputational damage to your agency. Bear in mind that, in such a situation, many of the systems you normally rely on for your communications such as emails or contact databases may be unavailable, so the plan needs to provide for alternative ways to access these details and contact these people.

And to bring the subject of disaster recovery planning into perspective, whilst many recruitment agencies I talk to tend to associate IT downtime with a large events such as fires or floods, the reality is that the majority of IT downtime has much more mundane causes which can include hardware failures, loss of power, cyber security breaches (such as ransomware attacks) and software failures. And in many cases the downtime is considerable, with the EMC global data protection index 2016 study showing that the average length of unplanned downtime was 22 hours. Indeed the situation seems to be worsening this year, with IT downtime caused by ransomware attacks in particular often running into a week or more.

It is also critical in this situation that the disaster recovery plan is going to work effectively and in a timely manner. Many businesses I work with had put together a disaster recovery plan some years ago and left it in the fireproof safe ever since, without testing or updating. My experience is that this document needs to be constantly evolving, as our use of technology has moved on significantly, and what was an acceptable recovery plan a couple of years ago may now be totally inadequate. In addition, our systems are constantly changing, with software updates and security fixes being installed on a regular basis, all of which can impact on the technical success of a recovery.

So in order to ensure ongoing compliance and relevance, I always recommend that recruitment agencies we work with continually reassess and test their plans around resilience, backup and disaster recovery, against the operational needs of their business and their regulatory compliance obligations. Some points to consider would include:
  • How long could you afford for each of your various IT systems to be down for?
  • How much data, if any, could you afford to lose?
  • Have you tried a test of your full disaster recovery plan lately? Did it work? How long did it take? How much data was lost? Did the results demonstrate that recovery times and data loss met your current business requirements and compliance obligations?
  • Where are your backups held? Would an incident like a fire or a ransomware attack wipe out your backups as well as your live systems?
  • In the event of a major disaster what hardware would you restore your backups onto?
  • If your offices were incapacitated (or the emergency services wouldn’t allow you access to your premises) where would you work from and how would you connect to your recovered systems? 
Tests of disaster recovery plans also need to be documented, so there is clear evidence that testing has been conducted, the plan has been reviewed and any necessary remedial actions highlighted by the test have been actioned.

I hope this has given you a useful insight into some of the key areas to consider around disaster recovery planning when preparing your agency for GDPR.

Should you feel that your agency’s current disaster recovery arrangements are not adequate for GDPR, then Xara Computers can help. For those businesses with on-premise servers, we offer effective disaster recovery solutions that ensure all data is protected and can be recovered fully and in a timely fashion. While for those agencies looking to move to a private cloud environment in order to facilitate remote working, our flagship product, the XC360 Hosted Desktop for Recruitment Agencies, provides highly secure protection of both your live and backup data, incorporating fully managed and fully tested disaster recovery provision as standard. For more information, please do not hesitate to contact me on 0208 732 5656 or email me on at@xc360.co.uk when I will be happy to arrange a no obligation conference call or meeting.

Future articles will be posted to my blog, which has been designed to keep owners and Directors within Recruitment agencies up-to-date with IT matters that affect the recruitment sector. As one of my valued recruitment contacts please feel free to follow the blog and contact me at any point should you need advice on compliant IT systems for recruitment agencies.
 ________________________________________________________________________________

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client and candidate data is centralized and secure. For more information please visit our website www.xc30.co.uk/recruitment

Wednesday, 23 August 2017

GDPR in Recruitment – 7 Top Tips for Compliance (Part 2)



In my previous blog, I shared the first 3 of my 7 top tips for GDPR compliance for recruitment agencies.

With Digital Minister, Matt Hancock, having now formally announced the new Data Protection Bill, which will enshrine the GDPR into UK law, as well as preparing the UK, from a data protection perspective, for life after Brexit, I thought today it would be useful to share a further 4 tips on preparing your recruitment agency for GDPR:-

1. Put together a new or updated data protection policy and train employees on it.

This is important as everyone in your organisation needs to understand their obligations under GDPR and how to make themselves fully compliant. It only takes one employee to not fully understand their obligations to allow something like a data breach to occur, which has the potential to result in crippling fines and reputational damage to the agency under GDPR. One area where I often get asked for advice is around BYOD policies (Bring Your Own Device), where there is the potential for employees to be storing copies of the agency’s data or emails on their own laptops or smart phones. Such devices may not adhere to the agency’s security policies and as such policies around protecting data in this instance need especially careful handling. Please feel free to contact me if you need advice on this subject.

2. Put in place processes for ongoing education for all members of staff around cyber security and data protection.

Because the cyber security landscape is constantly changing, it is very important that employees are constantly kept up-to-date with best practice around security and data protection. To help with this, we have put together a free staff training document, “Best Security Practices for Staying Safe Online”, which you may download here. To help with this, we have put together a free staff training document, “Best Security Practices for Staying Safe Online”; to request a copy please email me at at@xc360.co.uk

3. Review Your Backup and Disaster Recovery procedures.

GDPR imposes an obligation to look after the personal data of candidates, clients and employees which is entrusted to your agency. This includes backing it up so that in the event of an IT problem, a data corruption, a natural disaster or a cyber attack you have backups from which you can accurately restore that data in a timely fashion. As a minimum, I would suggest that you should be backing up your data daily, but in reality most agencies are now looking at much more frequent backups – in some cases as often as every 15 minutes, or via real-time replication.

You can read more about good practice around data backups and recovery procedures in my blog “Preparing Your Recruitment Agency for GDPR: Data Backup and Recovery” [link to http://www.it-for-recruitment.co.uk/2017/07/preparing-your-recruitment-agency-for.html]

4. Create a breach notification plan. 

This is important because if the worst should happen, and you do experience a data breach under GDPR, you need to have a clear plan to deal with it and communicate it as smoothly and accurately as possible, and with the least possible damage to your agency.

If you are concerned about your agency’s GDPR compliance position, please do not hesitate to contact myself, or my colleague Andrew Banning, on 0208 732 5656 or email us on at@xc360.co.uk or ab@xc360.co.uk when we will be happy to arrange a no obligation conference call or meeting.

_________________________________________________________________________________

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client and candidate data is centralized and secure. For more information please visit our website www.xc30.co.uk/recruitment

Wednesday, 9 August 2017

GDPR in Recruitment – 7 Top Tips for Compliance (Part 1)



The new EU General Data Protection Regulation (GDPR) comes in to effect in May 2018 and represents the most radical change in data protection legislation in the last 20 years. GDPR has been developed to reflect the changing use of data in the digital world in which we now live, and is designed to enable citizens to benefit from modern digital services, whilst providing sound, well formulated and properly enforced data protection safeguards to help mitigate risks and inspire public confidence in how their information is handled by businesses, third parties, the state and public service providers.

Failure to comply will have potentially catastrophic implications for companies, for two reasons:

1. For any breach, the UK regulator, the ICO, will be able to levy fines of up to €20 million or 4% of your annual turnover, whichever is the higher.

2. Breaches have to be notified to the data protection authority and in some cases the consumers affected, without delay. This leaves the agency concerned highly exposed to brand damage and potential customer pay outs.

So what do recruitment agencies need to be doing to prepare for GDPR?

Well this is a big question, but to give you a flavour, the type of things you should be considering include:

1. Identify what personal data you are holding. Bear in mind personal data can be as simple as an individual's name or email address. This is vital because you need to be able to demonstrate that you are protecting this data and using it appropriately. So understanding what you have and where it is forms the first step towards compliance. And whilst you may think you know where your data is, I would caution that identifying where your data is can actually be a much more complex process than you may think. Yes, some of it will certainly be residing (hopefully securely) on your in-house servers. But what about the proliferation of company and employee owned portable devices such as laptops, tablets and smartphones which now hold company data and/or emails? And then there’s data that has been shared with business partners and other third-party organisations. And data that has, for whatever reason, found its way onto file sharing services like Dropbox or USB sticks.

Then there is the cloud. The cloud has revolutionised the way many businesses store their data, but in doing so has also globalised the way data is stored, with many providers distributing data across servers worldwide in order to optimise costs. The cloud takes many forms, from well-known public cloud offerings, through to private cloud environments and individual cloud-based software applications. Understanding which of these your agency is using and where your data is actually being stored as a consequence is paramount, if you are to meet your obligations under GDPR, which include ensuring that you do not store data in or transfer data to countries outside the European Economic Area that do not have equivalently strong data protection standards.

2. Identify threats to this data. This could include things like ransomware attacks, accidental loss by employees, deliberate theft by employees, industrial espionage, lost devices and unauthorised access to data. This is vital if agencies are to avoid the substantial fines that can be levied for unauthorised access to, or disclosure of, personal information.

You can find more information about protecting your data from insider threats in my blog “Preparing your Recruitment Agency for GDPR: Protecting your Data from Insider Threats”, whilst there is more information about ransomware threats and their prevalence and impact on recruitment agencies in this article 

3. Invest in and implement the right technologies and business processes to deal with insider and external threats to data. This will involve a wide raft of technologies to provide protection from a range of different threats, coupled with effective, documented business processes. Long gone are the days when some anti-virus software and a firewall were all that were needed. Nowadays the type of technology we are talking about will include:
  •  Virus protection, ideally from multiple vendors 
  •  Malware protection 
  • Ransomware protection 
  • Behavioural monitoring software that will monitor and block applications which are behaving suspiciously 
  • Software restriction policies 
  • Systems for applying operating system and application security updates to servers, PCs and laptops promptly 
  • Device monitoring software to flag unusual usage statistics which indicate a device may be compromised 
  • Email filtering 
  • Website filtering 
  • Constantly updated firewall protection, ideally from multiple vendors 
  • Encryption of stored data 
  • Encryption of data in transit 
  • Data loss/leakage prevention technology 
  • The ability to remotely wipe data from any user device that is lost or stolen 
  • Strong passwords or two factor authentication 
  • 24/7 monitoring against threats ű
You can find more information about Data Access Control procedures in my blog “Preparing for GDPR: Securing your Recruitment Agency’s Data - Part 1”, whilst there is more information and tips around management of cyber security risks in this article

In my next blog, I will be sharing 4 more tips for GDPR compliance. In the meantime, if you are concerned about your agency’s GDPR compliance position, please do not hesitate to contact myself, or my colleague Andrew Banning, on 0208 732 5656 or email us on at@xc360.co.uk or ab@xc360.co.uk when we will be happy to arrange a no obligation conference call or meeting.
 _________________________________________________________________________________

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client data is centralized and secure. For more information please visit our website https://www.xc360.co.uk/recruitment/

Friday, 28 July 2017

Preparing Your Recruitment Agency for GDPR: Data Backup and Recovery



Over recent blogs, I have outlined some of the data security issues that recruitment agencies need to consider when preparing for GDPR, including data access control and securing your data from insider threats.

Today I wanted to talk about effective backup of your data, as this also forms an important part of your GDPR compliance obligations. In fact, protecting your recruitment agency’s confidential data and email is paramount, not only for GDPR compliance, but also to ensure your agency is not impacted by an IT problem. As such, it is vital that backups of data are being held. However, not all backups are equal! In fact, backup takes many forms, and in most cases nowadays there is a need for a multi-layered backup strategy in order to provide full protection of data. As a provider of a secure private cloud platform for recruitment agencies, I am all too well aware of the technical complexities and potential pitfalls of data backup and recovery, so I thought it would be useful to share some information on the various different types of backup that are available, along with the pros and cons of each, and the scenarios when you would employ each type of backup.

Cloud/Online Backups

This is where a copy of your data is sent to the cloud either periodically or in realtime as files are updated.

Cloud backups are a useful way of keeping a copy of your data offsite, which provides for extra protection in the event of a disaster on your premises, which might wipe out locally held backups as well as the live servers.

The effectiveness of this type of backup depends on the volume of data you are holding/changing and the speed of your internet connection. Where there are large data volumes involved and limited internet speed/capacity they are not always practical.

There are also security considerations around confidentiality of data that it is important for the agency to understand – for example where is your backup data being stored in this scenario? Does it remain in the UK or EEA? Is the data centre where it is housed suitably secure (e.g. ISO27001 certified)? Is your data encrypted, both on the backup provider’s servers and whilst it is in transit?

It is also important to understand whether the provider is retaining multiple historical versions of each file, or just the latest backup.

With suitable due diligence and appropriate internet connectivity, online backup can be a good solution for retaining up-to-date system backups.

Removable Media

This is where a copy of your data is taken periodically to a removable media such as disk or tape. This provides a very useful form of backup as it is held off-line and therefore can't be attacked by cyber security threats such as ransomware. Offline backups can also be useful to facilitate fast restoration, since you do not need to pull the data back over the Internet.

It is very important to ensure that any removable media backups are kept physically separate from live systems, and ideally off-site, as otherwise there is the danger that a problem which incapacitates your live system may also wipe out the backups.

Bear in mind that removable media backups are not usually run in real-time (an overnight backup is typically the norm), so there is likely to be some data loss if you do need to restore from this type of backup, as well as some downtime while the restore takes place.

However, it is best practice for a cycle of backups to be taken, which does then provide the facility to restore everything back to a given point in time. This can be particularly useful when a corruption or a cyber infection has occurred, since it allows the system or individual files to be restored back to a point in time before the problem occurred.

Realtime Replication

Real-time replication to another server works well when no downtime can be tolerated, but bear in mind if a corruption or accidental deletion of a file occurs, that this will be replicated in real-time to the backup server too.

Recovering Your Data in a Disaster

Backups are vital, but if you cannot recover them in a timely fashion, or without undue data loss, then they are of little use.

So in your GDPR preparation, it is important to consider for how long your agency could cope without access to each of your IT systems and/or data repositories. This is likely to vary from system to system; for example you may be able to tolerate no downtime on your email server, but it may be acceptable for an archived projects folder to be restored within 72 hours. So your plan needs to go through each system you use, considering how long you could live without it. The second key consideration is around data loss. Again for each system you need to be clear how much data loss, if any, would be acceptable and tailor your disaster recovery systems accordingly. If no data loss is acceptable, then a real-time replication solution should be considered. If some data loss is acceptable in a disaster scenario, then you may be able to live with backups that run daily or hourly.

Finally, never underestimate the importance of having a written disaster recovery plan and having tested it on a regular basis. Testing, in my experience, almost always highlights errors or omissions in the plan which would cause an issue in a live disaster recovery invocation. So regular testing is paramount, bearing in mind that your IT systems are constantly evolving and being updated.

I hope this gives you some key pointers for preparing your IT systems for GDPR from a data backup and recovery perspective. Should your agency require help in clarifying its current backup strategy and ensuring it is aligned to your agency’s current business needs, as well as GDPR compliance requirements, please do not hesitate to contact myself, or my colleague Andrew Banning, on 0208 732 5656 or email us on at@xc360.co.uk or ab@xc360.co.uk when we will be happy to help.

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client and candidate data is centralized and secure. For more information please visit our website www.xc30.co.uk/recruitment

Wednesday, 28 June 2017

Preparing your Recruitment Agency for GDPR: Protecting your Data from Insider Threats



Over recent blogs, for obvious reasons, I've been talking a lot about cyber security. But today I wanted to go back to the topic of preparing for GDPR, as I know it is an issue that is concerning many of you at the moment.

In preparing your recruitment agency for GDPR it is important to realise that as well as securing your personal data from external cyber threats, you also need to be securing it from insider threats. So what do I mean by insider security threats?

Well this can be something like a rogue employee, or a disgruntled ex-member of staff, but more likely it will be a genuine member of staff who accidentally causes a security breach or data loss.

Human error, or our natural tendency as human beings to take the easy option, is actually one of the commonest causes of such an incident, so it is good practice to put in place policies and controls that will minimise the risks of such an occurrence.

Password policies would be one such control. I'm sure for ease of memorability, we would all naturally tend towards an obvious password, but these are very easily guessable and as such do not provide the level of care and protection of your confidential data that GDPR demands. Equally, there is a fine balance to be struck, as overly complex password policies, which demand long and complex passwords which frequently change, can result in staff feeling the need to write their passwords down - and having passwords recorded on sticky notes, certainly doesn't demonstrate due care of confidential data under GDPR!

Having appropriate processes and procedures around starters and leavers is also key in ensuring that only authorised personnel have access to your confidential data. Equally, it is best practice to only give staff the minimum access to systems and data that is needed to do their job, in order to minimise risk from a data breach or deletion, whether accidental or deliberate.

Staff education is also vital in ensuring that your systems are not compromised by security threats like malware or ransomware, which are often transmitted via rogue emails. I know many of you have seen and downloaded my white paper "Best Practice for Staying Safe Online", a copy of which can be found here if you missed it first time round.

The mobile working revolution has also opened up a plethora of new challenges, and preventing data loss or data leakage from mobile devices is a key area that needs careful management under GDPR. With company emails now frequently being synchronised to personal mobile phones, and data often being held on laptops to enable remote working, it is all too easy for confidential data to accidentally get lost if a device is mislaid or stolen. Equally staff can sometimes be unaware of the implications of having certain pieces of software on their laptop and may be unwittingly backing up or synchronising confidential company data to an unsuitable or insecure location, or even outside the EEA.

Nowadays, it is also likely that external organisations or third parties may have legitimate access to some of your IT systems or data. In this case this needs to be secured in just the same way as it is for your own staff , so you are clear who has access to what parts of the system, why this is needed and how it is controlled. There also need to be procedures in place to review, amend and remove access for third parties, as business relationships evolve and change.

If you would like to discuss ways in which Xara Computers can help you secure your agency’s data, and prepare for GDPR compliance, please do not hesitate to contact myself, or my colleague Andrew Banning, on 0208 732 5656 or email us on at@xc360.co.uk or ab@xc360.co.uk when we will be happy to help.

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client data is centralized and secure. For more information please visit our website https://www.xc360.co.uk/recruitment/

Friday, 2 June 2017

Protecting your Recruitment Agency from Cyber Threats.... Free Staff Training Resources



As those of you who have read my previous blog, "Cyber Security for Recruitment Agencies… 8 Top Tips to keep your Agency Safe", will know, effective protection against cybercrime involves much more than just technology.

Indeed, we only have to look at the devastation caused to the NHS and many other organisations by the recent WannaCry ransomware attack, to see that simply having a firewall and some antivirus software is nowhere near enough to protect against today's complex cyber security threats.

The reality is that, to be effectively mitigating cyber threats, recruitment agencies need to implement a complex jigsaw of pieces consisting of multiple technologies and a raft of policies and procedures around issues such as mobile working, Bring Your Own Device (BYOD), applying system updates in a timely manner, managing starters and leavers, controlling data access by third parties, effective password and authentication procedures and much, much more.

On top of all this, implementing staff training around cyber security is a critical part of the jigsaw in successfully reducing the threats that cybercrime poses to any business.

It is important to remember that your security is only ever as good as your weakest link on any given day. That could be the temporary administrative worker who opens a seemingly legitimate attachment or website link which turns out to be something much more sinister.

For this reason we thought it would be useful to produce a white paper "Best Security Practices for Staying Safe Online", which outlines some of the key user education issues around protecting your business from cybercrime. We are making this free resource available to all our contacts to help them reduce their risk from cybercrime, and as such the white paper may be distributed to your staff and/or used as a training resource.

To request your free copy of the white paper, please email at@xc360.co.uk.

If you would like to discuss further ways in which Xara Computers can help you secure your recruitment agency’s data, as well as prepare for GDPR compliance, please do not hesitate to contact myself, or my colleague Andrew Banning, on 0208 732 5656 or email us on at@xc360.co.uk or ab@xc360.co.uk when we will be happy to help.

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client data is centralized and secure. For more information please visit our website https://www.xc360.co.uk/recruitment/

Friday, 5 May 2017

Preparing for GDPR: Securing your Recruitment Agency’s Data Part 1



In my previous blog, Cyber Security for Recruitment Agencies…. 8 Top Tips to Keep Your Agency Safe, I gave some pointers to help recruitment agencies safeguard their confidential client and candidate information.

Since then, many of you have been in touch asking for more information on this topic, especially in light of the imminent enforcement of GDPR. Therefore today I thought it would be useful to share some more information about the specifics of securing your agency’s data. This broadly falls into two categories – access control (effective security for authorised users) and cyber security (protection against unauthorised access).

Today I am going to talk about the former, as having good access control systems lies at the heart of successfully protecting your recruitment agency’s data, and forms an important part of preparing your agency’s information systems for GDPR compliance.

GDPR places accountability on recruitment agencies to have in place policies, procedures and documentation that demonstrates the personal data they hold is stored securely. Bearing in mind that the recruitment industry is fundamentally all about dealing with the storage and movement of personal data, this is likely to cover the vast majority of an agency’s data and activities.

Therefore, for each of your computer systems, it is important to understand, and have documented, who has access to that system and what level of access they have. Bear in mind that it is best practice to give each user the minimum access they require to the system to do their job. Allowing staff wider access to systems puts you at greater risk of a data security breach, data corruption or data loss through incidents such as accidental deletion, a ransomware attack or malicious insider threats. As well as having SOPs in place to handle the IT access control requirements of new starters, it is also important that there are procedures in place to cover what happens when somebody leaves the company or changes role.

Nowadays, it is also likely that external organisations and third parties such as outsourced payroll providers or organisations carrying out background checks will have access to some of your IT systems or data. In this case this needs to be secured in just the same way, so you are clear who has access to what parts of the system, why this is needed and how it is controlled. There also need to be procedures in place to review, amend and remove access for third parties, as business relationships evolve and change.

Mobile and remote working present a whole additional set of challenges to IT security, with the potential for copies of data or emails to be residing on all kinds of devices, both company owned and employee or third-party owned, which do not necessarily conform to company security standards. Developing policies around mobile working and ensuring there is not leakage of data or unauthorised access to data form a critical part of compliance nowadays. Policies and technologies also need to be implemented to protect against data breaches from mobile devices that are lost or stolen.

Finally, bear in mind that it is not just your main company-wide IT systems that fall under the GDPR. Any indexed system that contains personal data is subject to the legislation, so do make sure you are also including in your access control procedures all those little databases or spreadsheets that have been developed by an individual or department and which contain personal data.

If you would like to discuss ways in which Xara Computers can help you secure your agency’s data, and prepare for GDPR compliance, please do not hesitate to contact myself, or my colleague Andrew Banning, on 0208 732 5656 or email us on at@xc360.co.uk or ab@xc360.co.uk when we will be happy to help.

Xara Computers flagship product, the XC360 for Recruitment private cloud platform, provides recruitment agencies with a fully managed, highly secure, UK based remote desktop running all their own agency’s software. This allows fee earners to work and collaborate in real-time, from any location, using any computer, laptop or tablet, safe in the knowledge that their confidential client data is centralized and secure. For more information please do not hesitate to contact me on 0208 732 5656 or email at@xc360.co.uk