Leading a security company with transparency and trust
As a technology company born out of the physical security space, Arcules has had the opportunity to challenge the way things “have always been done” with innovative solutions that consistently push traditional limits. You’re ready to go cloud? We can have your system up 5x faster than on-premise solutions. Worried about latency? We’re built on a system that delivers video 4x faster than other cloud providers. But this isn’t a post about all the great things Arcules does that you see but rather more about what you don’t see.
This post is one that strives to demonstrate transparency; to reiterate security and data privacy; and perhaps most importantly, advocates for trust. Arcules has implemented a Privacy Accountability Framework based on leading international privacy regulations (for example the EU’s GDPR) and best practice. The Company constantly reviews, improves and updates this Framework to ensure that the appropriate technical and organizational measures have been implemented to protect the privacy of all Arcules stakeholders (employees, partners, and clients).**
Few (if any) young companies experience high growth without tough growing pains, and it is only by sharing the details of our experiences that we learn and improve as an industry. As a product just over two years into the market, the Arcules Video Cloud Platform is an industry-leading integrated video management system but not without its fair share of ever-changing product features and production bugs.
Since Arcules’ founding, we have been alerted on a few occasions to technology flaws from our clients and partners, and on each instance, we have addressed those issues proactively and with complete transparency with our employees and clients. We don’t shy away from those issues but take them as challenges to solve and become better as an organization and in turn improve our performance to our clients.
For instance, recently we received notification that there was a potential data breach, the Arcules team moved into action and within 10 minutes identified that there was definitely no data breach but only human error and corrected the issue. With complete transparency, we alerted all the key stakeholders and informed them of the identified issue and the remediation that was underway.
Now here is the hard part to disclose in this post but I felt needed to be shared to display that truth, trust, honesty, and integrity are the only way to go.
Shortly after the incident, we discovered that an employee had shared Arcules’s confidential company information related to that matter with an outside party. What those individuals’ motivations were, I won’t speculate on in this post.
To us, it was another human error. Whether it be of judgment or trust is neither here nor there, but when this confidentiality breach occurred, Arcules took the position of informing everyone involved of our position and acknowledgment of the seriousness of the incident and the actions we were taking to address the security breach.
Arcules immediately investigated the unauthorized disclosure of information to determine its impact on the privacy of our employees, partners, and customers.
To be clear, after a very thorough and detailed forensic investigation, we know that at no point was any customer information made available to unauthorized users, and no video data, camera, network, or other information was accessed, lost, or disclosed.
Arcules is a company that thrives on openness, trust, and faith in our staff. This employee not only violated confidentiality but also betrayed the trust of our company. It is my philosophy to operate the company in an exceptionally open way with many open forums because we know that this increases the speed at which we can deliver quality solutions to our partners and customers. What we have learned through this situation? We learned that, as an organization, Arcules is more resilient and committed to its vision than ever before. What we observe is that this negative incident brought the teams closer together, and inspired even more transparency among our staff.
In an ever-evolving real-time cloud-based business, human errors will occur. It’s what we do with them that makes a difference. We can choose to be open and learn from the experience or not…to us, transparency is the culture and DNA of our organization.
In a security organization, integrity is the most important thing we have. Without it, we can’t build the best solutions or attract top-notch employees. We must have that trust among ourselves and our colleagues, for our clients, and for our partners. Because without it, we don’t have anything.
At Arcules the Business of Security is Security…
*This post was originally published on November 16, 2019 by Andreas Pettersson on Linkedin.
**Updated 11/29/19: The post published on November 16, 2019 originally stated:
“Arcules is a fully compliant GDPR company and works constantly to ensure the security of the technology and your information on a real-time basis”
and Arcules has updated the sentence to state:
“Arcules has implemented a Privacy Accountability Framework based on leading international privacy regulations (for example the EU’s GDPR) and best practice. The Company constantly reviews, improves and updates this Framework to ensure that the appropriate technical and organizational measures have been implemented to protect the privacy of all Arcules stakeholders (employees, partners, and clients).”
It was brought to Arcules’ attention that claiming “Arcules is a fully compliant GDPR company” may have been misleading as there is no established standard for full GDPR compliance. Arcules wishes to emphasize that it was not the Company’s intention to overstate our position or mislead, Rather, Arcules is confident that the Accountability Framework, underpinned by comprehensive policies, guidelines, standards, and SOPs helps ensure that Arcules maintains compliance with its obligations under the GDPR and other relevant legislation. In addition, Arcules is committed to good corporate citizenship and is a member of the EU Cloud Code of Conduct which reinforces our commitment to the protection of the privacy of all data subjects.