Security Policy

We are committed to protecting your work and keeping your data secure. Therefore, we follow best practice in terms of our security procedures and use the best security tools.in order to keep you work and data safe.

Here are some of the measures we employ.

 

Datacenter security

 

We use a third-party, top-tier datacenter that maintains several industry recognised certifications, including ISO 50001, pci-DSS, HDS and ISO 27001.

Our hosting provider is also compliant with numerous regulations, privacy standards, and frameworks, UK Data Protection Act, EU Data Protection Directive, FISMA, among others.

 

 

Server security

 

Our servers are hardened according to EU Code of Conduct Datacentres and Tiers III design by the Uptime Institute (2014) standards and include file integrity monitoring (FIM), rootkit detection and DDOS protection. All servers have secured loading docks, 24×7 on-site security guard, internal and external CCTV with complete site coverage, biometric scan & RFID badges, alarms monitored 24×7, water mist system and VESDA smoke detectors.

 

 

Encrypted transmission

 

All browser connections and communication is transmitted over SSL (TLS), ensuring data privacy and integrity. Our servers only support 128- or 256-bit cipher suites over TLS 1.1 or higher, protecting against unauthorized disclosure, modification, and replay attacks.

 

 

Encryption of authentication and session data

 

All authentication and session data is encrypted with AES-256, ensuring your account credentials and sessions remain protected and unreadable in a stored state.

 

 

Continuously scanning

 

We perform weekly dynamic application scans using a leading web app security scanner.

We also keep looking for ways to improve our security and maintain things running smoothly and secure.