Your security questions answered
You can read our security overview, know that we are GDPR compliant, but some of you will have specific security questions you'd like the answer to. So we've compiled a list of short answers to help you complete those internal security questionnaires.
A yes to these questions
- Is data encrypted in transit over HTTPS?
- Is data encrypted at rest?
- Is data hosted in the EU?
- Are passwords hashed and salted?
- Is Database access firewalled and user restricted?
- Do staff have to sign confidentiality agreements?
- Do you do regular software updates?
- Are hardware devices on laptops encrypted?
- Do you host in the cloud, with Amazon Web Services?
- Do you provide an up to date list of 3rd party processors?
- Can we use Single Sign On?
And a no to these questions.
- Do you store debit/credit card details?
- Do you store data outside the EU?
- Do contractors have access to client data?
- Do you outsource software development?
- Do you sell data?