To provide security to your data whilst you use our systems we take measures to protect it from accidental loss and unauthorised access both whilst it as at rest and as it travels across the network.
- All storage is encrypted. This protects you in the event of a physical breach of security. All data is unreadable without being decrypted.
- For users that use a shared service, access control lists are used on both file systems and host processes. This provide separation between users and prevents users from accessing others data. Also from it prevents a compromise in another users web applications from compromising other users data.
- Management access to our infrastructure is only by authorised personnel. All management access is logged to an audit log. Management access is only via encrypted traffic, and uses secure cryptographic keys to identify personnel.
- Our internal infrastructure is separated via different physical network connections, and not placed on the Internet, protecting it from accidental or malicious access.
- Backups of our data are maintained in two different geographic locations, providing resilience in the event of hardware failure. Backups are held on encrypted disks.
- Remote backups are transferred across the network encrypted, preventing tampering and loss of confidentiality.
- We provide free TLS/SSL certificates, recognised by all major browsers. This allows you to use encryption when you access services across the network, protecting data confidentiality and integrity.