Security measures for Personal Data. Network intrusion detection system and proactive IP banning, combined with full access logging. • UK-based servers administered by a ISO 27001 certified, G-Cloud provider. • Enforced TLS, ensuring that data exchange between users and our servers is fully encrypted. • Optional 2FA to ensure greater account security. • Optional IP address whitelisting to only allow access to account whilst using corporate network. • Every interaction with data stored on the platform requires a unique validation key, which is destroyed and regenerated after every user action, providing an added layer of security. • Data-at-rest encryption for Customer collected data. • Sensitivite user credentials such as passwords and PII are fully hashed or encrypted before being stored in our database.
Appears in 2 contracts
Sources: Service Agreement, sums.org Agreement