The business has grown substantially over a number of years, and now has a number of different business units providing different services. Some of that growth has been through acquisitions.
There are a number of policies which impact on information security in place across the business. The business takes payment online via credit and debit card, but considers that it has appropriate security measures in place, and is working towards PCI-DSS certification. The growth of the business has resulted in fragmentation of databases across multiple servers, and the business has recently sought to move to a cloud solution. Multiple third parties have access to certain data through APIs.
Source: Global Data Hub