Security, Protection and Business Continuity
April 2010
As our Internet platform stores our customers' essential business data, it is important for us to explain the measures we take to ensure that this data is safe and secure.
Physical Security
Our servers are located in a highly secure, purpose-built facility in which direct access to the hardware is closely controlled. Entry to the facility is restricted strictly to authorised individuals, with identity checks confirmed against a photo record (e.g. passport). Within the facility, card-activated doors restrict each individual to only the racks housing the servers they are authorised to access.
Fire Safety
The data centre is equipped with VESDA (Very Early Smoke Detection Apparatus), which will deploy halon gas, a suppressant that does not adversely affect the electrical equipment.
Electrical Protection
The power supply to each room, rack and server is also protected. The first level of protection is provided by Uninterruptible Power Supplies, backed up by building-wide generators capable of maintaining all the servers housed there. The systems use an "N+1" design: for every item of critical power equipment (N), there is at least one backup system (+1).
Network Connectivity
The servers all have an extremely high-capacity Internet connection linked to the data centre's 'backbone', which comprises multiple 10Gb connections. This is in turn linked to other data centres and telecommunication companies for UK and global connectivity. Border Gateway Protocol (BGP) is used to maintain the connection if any of the fibre connections or any route to or from a data centre should fail, so downtime is kept to a minimum, virtually zero.
Network Security
The integrity of our servers is maintained by means of firewalls, antivirus software, restrictions on the activities of logged-in users and a strict programme of Operating System updates.
Data Protection
The first level of protection comes from our policy that every server uses RAID drives (Redundant Array of Inexpensive Disks), which means that data is replicated across multiple disks to prevent any data loss if drives fail. Secondly, all critical data and user settings are backed up twice a day and copied to a different server in a different room of the data centre. Thirdly, the data is copied completely offsite to an independent secure data vaulting service to allow fast rebuild of the data structure in the extremely unlikely event of a building-wide issue such as terrorism or flooding. All of these services are completely automated and use the network to copy the data, so they do not rely on people other than for monitoring.
This article is intended to assure you that all possible measures are being taken to safeguard our server infrastructure and the data it stores.
We are open and transparent about the technology and procedures we use to protect our customers' data.
If you have any questions or wish to know more, we encourage you to get in touch.
