Security and Hosting
Egress Switch Security
Egress Server Infrastructure (ESI) delivers a highly scalable and robust security infrastructure to a global market. As the backbone of the Switch secure collaboration service, Egress Software have invested a great deal of time and resources into ensuring Egress Switch is the most secure and scalable service on the market today. Customers demand absolute reliability and 100% uptime of the Switch security service. The core Switch architecture incorporates the perfect balance of the highest security with global resilience and scalability.
Egress Switch utilises identity based AES 256-bit encryption using FIPS 140-2 approved cryptographic libraries. This provides the highest level of security for complete end to end data exchange. Egress Switch hides the complexity of encryption using a revolutionary patent protected architecture and is the true evolution of PKI based encryption systems. For further information about the Egress Switch Platform certifications and accreditations please visit the certifications page.
Egress Software have partnered with 4 key service providers, Amazon Web Services (AWS), Microsoft Azure, UK Fast and Skyscape Cloud Services to provide choice with unrivalled security and flexibility. As a baseline all providers must have a minimum of ISO27001 certified data centres.
In 2006, Amazon Web Services (AWS) began offering IT infrastructure services to businesses in the form of web services -- now commonly known as cloud computing. One of the key benefits of cloud computing is the opportunity to replace up-front capital infrastructure expenses with low variable costs that scale with your business. With the Cloud, businesses no longer need to plan for and procure servers and other IT infrastructure weeks or months in advance. Instead, they can instantly spin up hundreds or thousands of servers in minutes and deliver results faster.
Today, Amazon Web Services provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world, with data centre locations in the U.S., Europe, Brazil, Singapore, Japan, and Australia.
At a high level, we’ve taken the following approach to secure the AWS infrastructure:
- Certifications and Accreditations. AWS has achieved ISO 27001 certification and has successfully completed multiple SAS70 Type II audits. AWS will continue to obtain the appropriate security certifications and conduct audits to demonstrate the security of the infrastructure and services. For more information on risk and compliance activities in the AWS cloud, consult the Amazon Web Services: Risk and Compliance whitepaper.
- Physical Security. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical barriers to prevent unauthorized access.
- Secure Services. Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand. For more information about the security capabilities of each service in the AWS cloud, consult the Amazon Web Services: Overview of Security Processes whitepaper.
- Data Privacy. AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS. For more information on the data privacy and backup procedures for each service in the AWS cloud, consult the Amazon Web Services: Overview of Security Processes whitepaper. The AWS Security Center provides links to technical information, tools, and prescriptive guidance designed to help you build and manage secure applications in the AWS cloud. Our goal is to use this forum to proactively notify developers about security bulletins. Such transparency is the backbone of trust between AWS and our customers.
Microsoft Azure is an open and flexible cloud platform that enables Egress Software to quickly build, deploy, and manage applications across a global network of Microsoft-managed datacenters. The Microsoft Azure platform is used for those organisations that require global accessibility and resilience and who are utilising other Microsoft Cloud platforms such as Microsoft Office 365 or Exchange online.
To help organizations comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data, Microsoft offers the most comprehensive set of certifications and attestations of any cloud service provider.
To demonstrate that these controls deliver compliance you can rely on, Microsoft enterprise cloud services are independently validated through certifications and attestations, as well as third-party audits. In-scope services within the Microsoft Cloud meet key international and industry-specific compliance standards, such as ISO/IEC 27001 and ISO/IEC 27018, FedRAMP, and SOC 1 and SOC 2. They also meet regional and country-specific standards and contractual commitments, including the EU Model Clauses, UK G-Cloud, Singapore MTCS, and Australia CCSL (IRAP). In addition, rigorous third-party audits, such as by the British Standards Institution and Deloitte, validate the adherence of our cloud services to the strict requirements these standards mandate.
All aspects of UKCloud's Assured Cloud platform, from security, to service management to sustainability, are underpinned and independently verified by a comprehensive set of globally accepted assurance certifications and accreditations.
With infrastructure located in secure UK data centres, our services are assessed against recognised international standards ISO9001, ISO20000, ISO27001 and the additional controls within the recently released ISO27018:2014 standard.
ISO27018 provides an approach to addressing data privacy concerns around Personall Identifiable Information (PII) within public cloud services, using an extended framework of PII focused controls which supplement those already present within ISO27001:2013.
As a result our UK data centres are subject to regular audits, assessments and inspections by certification bodies, regulators and accreditors.
- Accreditation - UKCloud Cloud Services has achieved Pan Government Accreditation for all of its G-Cloud services, and their underlying infrastructure, which confirms their suitability for supporting IL0-IL3 protectively marked data.
- Compliance - UKCloud has developed a Compliance Programme which delivers a credible position in four strategic areas: Quality, Information Security, IT Service Management and the Environment.
- Quality Management (ISO9001) - UKCloud’s established Quality Management System, certified to ISO9001, delivers robust and effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner.
- IT Service Management (ISO20000) - UKCloud acknowledges that the IT Infrastructure Library (ITIL) represents best practice in the field of IT Service Management, and its service management processes align with the ITIL v3 aligned process framework.
- Information Security Management (ISO27001) - Of the utmost importance to UKCloud is the protection of the confidentiality, integrity and availability of data: both UKCloud’s own and that entrusted to UKCloud by its clients. UKCloud’s ISO27001 certified Information Security Management System (ISMS) is based upon a robust framework of information security policies and procedures, aligned with the UKCloud Risk Assessment Methodology (SRAM).
UKFast are one of the UK's leading hosting and colocation providers, supplying dedicated server hosting, critical application hosting, and cloud hosting solutions. UKFast own, manage and operate the UKFast data centre complex, with over 30,000 sq. ft. of enterprise-grade, ISO-certified facilities.
|At UKFast, reducing environmental impact is a key priority and therefore are very proud to have achieved PAS 2060 certification - making them the 1st certified carbon neutral hosting company in the UK.|
|UKFast provides secure web hosting to clients worldwide, offering hosting services certified to the ISO 27001:2008 standard - ensuring the security of you and your customer's data.|
ISO 9001: Quality Management
|UKFast has implemented an internal Quality Management System (QMS) which is certified to ISO9001:2008. The QMS is continually maintained and improved to ensure that we meet, if not exceed, the expectations of our clients. Certification through the scheme identifies UKFast as one of the brightest and best independent consultants to compete on a level playing field for public sector and corporate projects.|
ISO 14001: Environmental Management
|As part of their commitment to managing their carbon footprint, UKFast is certified to the environmental standards of ISO14001 - an internationally-recognised certificate for evaluating how well an organisation manages its environmental responsibilities. UK Fast also monitor and measure greenhouse gas emissions as directed by the ISO 14064-1:2006(E) standard, along with guidance issued by DECC and Defra.|
UKFast are PCI DSS (Payment Card Industry Data Security Standard) compliant in our operational business processes relating to the payment card industry.