Our Safety Kit values the data that its clients hold within its hosted environment and maintains this data in a secure, reliable and confidential manner.
The following sections outline Our Safety Kit’s approach to achieve this objective.
Our Safety Kit’s cloud computing infrastructure is provided by Micosoft’s Azure cloud computing services which meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards like Australia IRAP, UK G-Cloud, and Singapore MTCS.
Our web and data servers are hardened against viruses, worms, and trojans. Our systems automatically update in response to these vectors and are regularly audited.
Our web servers are protected from malicious attacks and intrusions from outside sources by hardware and software firewalls, and are hardened to NSA guidelines. All external access to our servers is through a single port.
Data is kept synchronised between locations with database mirroring. The databases are identical to the record level and can be switched over whenever needed.
Data is automatically backed up on a daily basis. Back up files are stored on the database server and also copied to the other participant in the mirror. Back up files are tested on a quarterly basis for proof of integrity of back up files and data.
Users must choose a strong password and automatic lockouts are enforced when incorrect passwords are repeatedly entered.
All data transferred between users and the service is encrypted.
Our infrastructure is audited by third parties who conduct penetrative testing and server security scans.
No third parties have access to client data. No one has access to client data unless invited by the client.
Last updated: August 2014