InTouch Security Practices

We have developed a comprehensive set of practices, technologies and policies to help ensure your data is secure.

InTouch runs under the SAAS (software as a service) model which means we look after all the nuts and bolts of operations, pro-actively updating, maintaining and monitoring the system, thereby ensuring that your data is as secure as it can be.

We are continually improving our security by monitoring our procedures and infrastructure to keep up to date with the industry.

End to end encryption

InTouch forces all communication over HTTPS for all services, including our public website, which is the protocol for secure communication over the Internet that mitigates against man-in-the-middle attacks and eavesdropping.

We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support.

To run a report on the quality of our HTTPS encryption by Qualys SSL Labs* please click this link.

* Qualys SSL Labs are a non-commercial research organisation, and are leaders in the field of SSL / HTTPS validation.

What does this mean?

Communication between your device and InTouch is encrypted in both directions. You can see this yourself when using InTouch, there is a green padlock in your browser near the address bar. Double click it to see a report.


Transparent Data Encryption (TDE)

TDE helps protect against malicious activity by performing real-time encryption and decryption of the databases, associated back-ups, and log files using symmetric key encryption.

What does this mean?

Even in the unlikely event of a 3rd party gaining physical access to our servers, they still won’t be able to read the data.

Geo Replication (GeoR)

We use the latest GeoR back up methods available from Microsoft. At any one time there are 5 encrypted backups of your data + the original, totalling 6 encrypted copies.

In the event of a major regional catastrophic disaster or outage (earthquake, power outages etc), we have the ability to recover from a 1-hour old geo-redundant store that is located physically in a different Microsoft data centre.

What does this mean?

This allows InTouch to offer unprecedented business continuity in the event of a major disaster.

ISO 27001 Compliant Data Centre

Microsoft Azure Data Centre’s comply to the UK ISO 27001 standard for information security management, which includes people, processes, and IT systems. For a complete list of compliance certifications please visit the Trust Centre.

What does this mean?

Only authorised personal can access the servers.

Conveyancing Software Compliance

Penetration Testing

One of the best ways to defend against cyber-attacks is to hack yourself first. This is why InTouch is regularly tested by Tinfoil Security who continually test the system for vulnerabilities.

Tinfoil Security Tested

Reputation based security

We utilise CloudFlare’s network of over 2 million websites to collaboratively identify and block threats. When something malicious occurs on one website, the origin of that malicious attempt is then blocked for everyone across the network. CloudFlare have the largest network of its kind which gives us a tremendous ability to block an attack before it starts.

Cloudflare Reputation Based Security