Our approach to security is constantly reviewed, with regular updates to both our underlying infrastructure and the platform software to ensure the highest possible level of data protection. Key features of our security model include:
Use of a Linux Virtual Private Server (VPS) model, providing a high level of security.
Network intrusion detection system and proactive IP banning, combined with full access logging.
UK-based servers administered by a ISO 27001 certified, G-Cloud provider.
Enforced TLS, ensuring that data exchange between users and our servers is fully encrypted.
Optional 2FA to ensure greater account security.
Optional IP address whitelisting to only allow access to account whilst using corporate network.
Every interaction with data stored on the platform requires a unique validation key, which is destroyed and regenerated after every user action, providing an added layer of security.
When sharing data between accounts or publicly, further cryptographic checks are employed in order to ensure appropriate user authorisation.
Sensitivite user credentials such as passwords and PII are fully hashed or encrypted before being stored in our database.