Network and infrastructure
- Encryption in transit: TLS 1.2 minimum enforced across all communications, data transfers and API connections
- Encryption at rest: AES-256 or platform-native encryption applied to all stored data
- Network segmentation and firewall policies configured per environment
- Vulnerability scanning and patching conducted on a regular cadence
Our devices
Every device our team uses for client work is secured:
- Current, supported operating systems with automatic updates enabled
- Endpoint detection and response (EDR) deployed on all work devices
- Full disk encryption on all laptops and workstations
- Remote wipe capability for any device with access to client environments
Monitoring and logging
- Centralised logging across project infrastructure and application layers
- Security event monitoring with alerting for anomalous activity
- Audit trails maintained for all access to client data and systems
- Log retention aligned with your regulatory requirements