Data Security is at the heart of what we do
Gapsquare has achieved ISO 27001 certification for information security management systems. A widely known security accreditation, this certification is confirmation that we utilise the very best practice when managing the security of data and information assets. Our certification number is 18191-ISN-001 and is available to view here.
How we handle data security in our Software
Communication and transport
- Our online software is accessed through a secure connection link with HTTPS protocol
- This means that data send between a user and our servers is encrypted and transferred over a secure connection, preventing privacy breaches, forging of information and tampering with data
- Users passwords must meet a set of requirements and be changed every 90 days
- In case of password leaks, users registered as administrators can act to enforce a password change to protect the user’s data
Two-Step Factor Authentication
- Users can enable Two-factor authentication, facilitated by a time-limited code generated either by an external, trusted app (e.g. Google authenticator) or by email
- All user data is stored in an encrypted form. Only specialised, vetted personnel from Gapsquare – all of whom have signed a non-disclosure agreement – know the procedure for decrypting and unlocking data.
Data Security and our Infrastructure
- Our platform is facilitated via the Google Cloud, with Google providing the security for the underlying physical environment, computer hardware and operating systems
- Currently data is stored in the Google Cloud SQL (mySQL) database in the europe-west2 region (London)
- Database backups are performed daily and all backups are stored on separate servers (for a week) to prevent data loss
Other Cloud Providers
- If required, our platform can be delivered via other Cloud providers, following further discussion with us.