We have developed a comprehensive set of practices, technologies and policies to help ensure your data is secure.
InTouch runs under the SAAS (software as a service) model which means we look after all the nuts and bolts of operations, pro-actively updating, maintaining and monitoring the system, thereby ensuring that your data is as secure as it can be.
We are continually improving our security by monitoring our procedures and infrastructure to keep up to date with the industry.
InTouch forces all communication over HTTPS for all services, including our public website, which is the protocol for secure communication over the Internet that mitigates against man-in-the-middle attacks and eavesdropping.
We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support.
To run a report on the quality of our HTTPS encryption by Qualys SSL Labs* please click this link.
Communication between your device and InTouch is encrypted in both directions. You can see this yourself when using InTouch, there is a green padlock in your browser near the address bar. Double click it to see a report.
TDE helps protect against malicious activity by performing real-time encryption and decryption of the databases, associated back-ups, and log files using symmetric key encryption.
Even in the unlikely event of a 3rd party gaining physical access to our servers, they still won’t be able to read the data.
We use the latest GeoR back up methods available from Microsoft. At any one time there are 5 encrypted backups of your data + the original, totalling 6 encrypted copies.
In the event of a major regional catastrophic disaster or outage (earthquake, power outages etc), we have the ability to recover from a 1-hour old geo-redundant store that is located physically in a different Microsoft data centre.
This allows InTouch to offer unprecedented business continuity in the event of a major disaster.
Microsoft Azure Data Centre’s comply to the UK ISO 27001 standard for information security management, which includes people, processes, and IT systems. For a complete list of compliance certifications please visit the Trust Centre.
Only authorised personal can access the servers.
One of the best ways to defend against cyber-attacks is to hack yourself first. This is why InTouch is regularly tested by Tinfoil Security who continually test the system for vulnerabilities.
We utilise CloudFlare’s network of over 2 million websites to collaboratively identify and block threats. When something malicious occurs on one website, the origin of that malicious attempt is then blocked for everyone across the network. CloudFlare have the largest network of its kind which gives us a tremendous ability to block an attack before it starts.