The security and protection of your data and your clients’ data is our priority.
Access to the e-filing platform requires a two stage gateway involving user name and password.
It is important for users to recognise, accept and actively play their part in ensuring the data uploaded to the e-filing site is as secure as we can make it. Some simple, easy ways to help us protect your data are:
- Ensure the same password is not employed in multiple contexts as this will reduce the security of the data
- Do not email passwords
- Passwords should be strong in formation i.e. at least 7 characters comprising a mixture of upper case and lower case letters, symbols and numbers.
- Use anti-virus software and update it regularly.
- Download and store the documents served by the other parties.
- Never give your password to anyone else.
The data centres we use have the following features:
- The servers are regularly updated with security patches and fixes.
- The e-filing Platform itself is written in terms that follow best practice for validating user input and protecting the database.
- The servers sit behind firewalls and intrusion prevention systems which protect from internet based perimeter attacks.
- The security of the Platform is under constant review in the light of reported hacks of well- known organisations.
- No payment details are stored on the Platform.
- Passwords are kept in an encrypted form on the database.
- All data sent to and from the Platform including log on details are sent via SSL (encryption).
- On site staffing 24 hours a day.
- Multi-layered physical security.
- CCTV surveillance and recording.
- Are situated in South East England and enable site resilience for core services.
- All backup data is transmitted between the data centres’ sites via a military grade (AES-256) encryption key. It is then stored in UK data centres with this encryption.
- Environmental controls.
- Power resilience using multiple connections to the National Grid.
- Non-redundant capacity components (single up-link and servers) physically available on site.
- Redundant capacity components are physically available on site.
- Equipped with on-site generators with UPS and battery systems for transparent fail-over.
- Fire threat detection and suppression.
- Water leak detection.
- Multiple up-links in place.
- All components are fully fault-tolerant including the up-links, storage facilities, chillers, HVAC systems and servers.
- Tier 3, ISO 27001, ISO 9001 and PCI DSS 3.0 compliant.
These measures enable our data centres to guarantee the availability of data from the hardware for 99% of operational time.
In addition to the strong security available at the data centres each platform provides robust security by itself:
Encryption in contrast to other systems such as Outlook, any emails/attachments/embedded images sent via an eARB platform use 3DES encryption as a minimum together with additional encryption measures making web communications secure.