Our datacenter is co-located in a fully secure Datacentre in Maidenhead. The datacentre has extensive physical security and environmental controls to secure our infrastructure from physical threat or impact. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorised entry. Security controls provided by our datacenter facilities includes but is not limited to:
24/7 Physical security guard services
Physical entry restrictions to the property and the facility
Physical entry restrictions to our co-located datacenter within the facility
Full CCTV coverage externally and internally for the facility
Biometric readers with two-factor authentication
Facilities are unmarked as to not draw attention from the outside
Battery and generator backup
Generator fuel carrier redundancy
Secure loading zones for delivery of equipment
Our infrastructure is secured through a defense-in-depth layered approach. Access to the management network infrastructure is provided through multi-factor authentication points which restrict network-level access to infrastructure based on job function utilising the principle of least privilege. All access to the ingress points are closely monitored, and are subject to stringent change control mechanisms.
Systems are protected through key-based authentication and access is limited by Role-Based Access Control (RBAC). RBAC ensures that only the users who require access to a system are able to login. We consider any system which houses customer data that we collect, or systems which house the data customers store with us to be of the highest sensitivity. As such, access to these systems is extremely limited and closely monitored.
Additionally, hard drives and infrastructure are securely erased before being decommissioned or reused to ensure that your data remains secure.
Systems controlling the management network log to our centralised logging environment to allow for performance and security monitoring. Our logging includes system actions as well as the logins and commands issued by our system administrators.
The security and data integrity of customer is of the utmost importance to us. As a result, access to the systems which contain your data is extremely limited, only to a small minority of staff members who require access at any given time.
Snapshots and Backups are stored on an internal non-publicly visible network on NAS/SAN servers. There is no direct public access to the backup systems and no staff access unless required by an engineering team.