Security

We have all the bells and whistles
to keep your data secure

Introduction

Our digital products run in the cloud, so you can access our products wherever you are. This also means that we defend our systems from cybersecurity threats from anywhere in the world. But that’s ok, we are up to the job. We are monitoring, learning and adapting to the ever evolving threat landscape. We do this with four layers of security, all of which work in tandem to give you a secure service. These four layers are physical security, network security, application security and operational security.

Enterprise Grade Security

We have been working with enterprise clients for over 20 years and have world class secure systems. To find out more, please go to our Trust Centre.

Physical Security

All cloud based software resides on servers that are kept within data houses around the world. Our servers are hosted inside Amazon Web Services (AWS). AWS is one of the most popular and secure providers in the world. Our servers are hosted within the E.U. and are secured through carefully designed data centres. We take into account everything from environmental risks, such as flooding, extreme weather and seismic activity, to other risks such as power cuts and fire. Learn more about AWS and their physical security.

Network Security

All of our systems are accessible through the internet. This means that all servers and connections to those servers need to be secure. Our systems are designed and configured according to strict rules. We have firewalls that are continuously blocking threats. We encrypt all information going to and from our servers to ensure that nothing can be intercepted and seen while in transit. We are continuously testing our setup to make sure it is secure and we have help from security companies who simulate attacks to ensure we can defend our systems. Access is carefully controlled to ensure that malicious requests are blocked, and legitimate users are free to access and use our tools.

Enterprise Grade Security

We have been working with enterprise clients for over 20 years and have world class secure systems. To find out more, please go to our Trust Centre.

Application Security

Within the system where physical and network security is established, we have the application. The application comprises of the code and databases that allow you to login and use our tools. If the application is poorly designed, allowing for hackers to easily gain unauthorised access, the security of the whole system may become compromised. Our team of software developers have had years of experience delivering world-class applications for enterprise use. We have adopted a ‘security by design’ workflow ensuring that every feature and alteration is specified with the risks in mind. The developers work collaboratively with the security team to resolve any vulnerabilities which may arise during the development process. Changes to our application are thoroughly designed, peer-reviewed and tested before being released into the live system. Our live system is regularly tested by our security team, and by third party security companies to ensure it remains impenetrable.

Operational Security

The security of any cloud based system is only as good as the people that are maintaining those systems. Over years of dedicated work on security, we have created a culture of security excellence. Our people are highly sensitive to risks and the operational excellence needed to keep your data secure. We work closely to the ISO 27001 standard, which is a highly efficient set of processes and policies to ensure that everything we do is carefully designed, implemented and audited as effective. This standard ensures that we regularly analyse the risks we might encounter and apply controls to mitigate those risks. The ISO 27001 standard is audited by an external company that visit us to investigate everything we do, and check we are doing it right. When we pass the test, we get certified. For more information see compliance.

If you have any questions about our security don’t hesitate to ask us. If you are interested in how we handle your data, check out our Privacy Notice.