Safeguarding Software Security
Information Security
The security of information held within our safeguarding solutions is of paramount importance, both to us and to our customers. Needless to say, all of our systems, processes and behaviours are designed to achieve the best possible levels of information security.
We are registered with the Information Commissioner’s Office (ICO) and our standard contract complies with the Data Protection Act (DPA).
Consistent with the DPA, The Safeguarding Company will act as a data processor while the customer will always remain the data controller.
Information Security Statement
Cyber Essentials Plus
We have received certification under the Cyber Essentials Plus scheme as a result of our information security standards.
Cyber Essentials Plus is a Government-backed, industry-supported scheme to help organisations protect themselves against common cyber attacks.
To achieve certification we have had to demonstrate the controls we have implemented to mitigate the risk from common internet based threats so that our customers can be assured that we have taken these essential precautions.
As part of this we undergo independent penetration testing to ensure our firewalls are as secure as they can be. We are required to re-certify annually under this scheme and cannot use this certification unless we do so.
ISO 27001 Certification
As part of our commitment to information security, The Safeguarding Company has successfully completed ISO 27001:2013 Certification. This is the latest version of this internationally recognised information security standard.
Our processes have been independently audited and shown to be secure and operating to the highest standards. Being ISO 27001:2013 certified gives a quality assurance that sensitive information such as customer data, logins, network traffic, storage and backups are managed in a secure manner.
Mircosoft Gold Partnership
The Safeguarding Company recently achieved Microsoft Gold Partner status, a reflection of the expertise in specific subject areas, competencies, and commitment of our technical staff with Microsoft products.
Having that title means we have earned the highest standards of Microsoft's widely-recognised partnership program and allows us to have a closer working relationship with Microsoft showcasing the excellence of our product development team.
All deployments of our products are subject to our End User Licence Agreement (EULA) and our Data Sharing Agreement (DSA), both of which support our approach to achieving the highest levels of information security.
Our DSA details the specific security measures that we implement and maintain to protect customer data. These measures meet or exceed those imposed upon data controllers in the UK through the DPA’s Seventh Principle.
Unalterable audit trails are a standard feature within our products.
All data recorded by organisations using our products are transmitted using Secure Sockets Layer (SSL) technology – 2,048 bit SSL encrypts all data between end-users and the server. Each organisation’s database is fully encrypted and no data is held in human-readable form.
All products are accessible securely from within an organisation’s network or over a secure internet connection from any web-enabled device (subject to local information security policies).
As part of the implementation process for our products we provide specific guidance on good practice and the personal responsibilities of system users in relation to information security.
