“The service meets a high level of security, and the transparency and engagement you have shown has been excellent.”
Graham Thomson, Chief Information Security Officer of Irwin Mitchell LLP recently reviewed the Platform’s security arrangements
The security and protection of clients’ data is our greatest priority.
For obvious reasons a detailed explanation of the security measures in place cannot be provided in order to protect the integrity of the data centre’s security.
In summary the following are covered by our security technologies and controls:
Within these fields of activity we strive to protect our users' data as descibed in more detail below.
Together with colleagues in our partner organisations we have achieved compliance with the Data Protection Act, 2018 and the GDPR.
Our compliance actions are constantly evolving as we respond to developments in the regulatory environment and ever changing cyber threats.
It is important for users to recognise, accept and actively play their part in ensuring the data uploaded is as secure as, working together, we can make it.
We urge our clients not to use the same password in multiple contexts as this will reduce the security of the data. We also ask them not to email passwords.
Passwords should be strong in formation i.e. at least 7 characters comprising a mixture of upper case and lower case letters, symbols and numbers.
Access to the platform is via a two stage gateway involving user name and password is required.
We host at Tier 3 data centres which meet the following standards: ISO 27001, ISO 9001 and PCI DSS 3.0.
These measures enable the data centre to guarantee the availability of data from the hardware for 99.982% of operational time.
Unlike other e-mail systems such as Outlook, any emails sent via our platform use 3DES encryption as a minimum together with additional encryption measures making web communications and their attachments secure.