Security & Compliance

ISO 27001 is the most widely known information security management standard used by organizations to keep data assets secure. Implementing ISO27001 demonstrates a commitment to information security at every level of our organization. The ISO/IEC 27001:2013 Information Security Management System of Faria Education Group Ltd has been certified by BSI under certificate number IS 664562. Following the recent addition of Pamoja Education and Oxford Study Courses Ltd to the suite of services offered by Faria, we are working to bring both new companies within the scope of this certification.

More information about ISO/IEC 27001:2013 and Information Security Management Systems (ISMS) can be found here. The certificate of Faria Education Group Ltd. may be found here.

All data between your computer and our systems is encrypted end-to-end with SSL by default.  Other uploaded assets and backups are also stored and transmitted using encrypted connections.

We never send your data over the wire “in plain sight.” 

Pamoja Education and Oxford Study Courses Ltd does not store credit card information on any of our servers. Instead, we securely transmit information to our payment providers, via our PCI-compliant payment gateway, which handles your transactions. 

Data sent through Pamoja Education and Oxford Study Courses Ltd often must respect the laws of the countries where we provide service.  Thus, we go out of our way to follow all data privacy policies of the countries where we do business.

To that end, we host our data securely on servers located in offices in the UK and Cloud Servers in Ireland. Our complete terms of service and privacy policies can be found here.

GDPR

Pamoja Education and Oxford Study Courses Ltd are fully compliant with the Data Protection Act 2018 and GDPR. For more information about our GDPR and Data-related policies, click here.

Faria internal security policies are governed under ISO 27001, and these have been rolled out across Pamoja Education and Oxford Study Courses Ltd. Key points include:

• All access to production data is carefully controlled and limited
• Physical access to laptops and servers is monitored and controlled
• Passwords are held to a high standard of security
• All devices that access our systems are scanned for malware and centrally-managed
• All users undergo a required security training on an annual basis
• Our Security Incident Response Team is kept on 24/7 standby and meets weekly to review our security posture
• We remain vigilant for new security threats and monitor major reported breaches and vulnerabilities to understand their potential impact on our operations

We have performed a comprehensive analysis of risks to our business and have warm standbys of our applications and data in backup data centres.

Our entire workforce employs a ‘remote first’ mindset to be able to work anywhere. In the event of a natural disaster or serious network issue, we can quickly resume operations in alternate locations.

If you’d like to discuss further aspects of our security and compliance policies for your own internal records, please contact us for a briefing under NDA.

Email: [email protected]

Phone: +1 866 297 7022