Here at InTouch we take our information and security practices seriously and have developed a comprehensive set of practices, technologies and policies to help ensure your data remains secure.
We operate a SaaS (Software-as-a-Service) model, which means we look after all the nuts and bolts of the data security operations, proactively updating, maintaining and monitoring the system, thereby ensuring that your data is as secure as it possibly can be.
We are continually improving our security by monitoring our procedures and infrastructure to keep up to date with the industry.
Below we give you an overview of some of the things we do to keep you and your customers’ data safe.
InTouch is hosted on Microsoft Azure cloud servers. This gives us a number of benefits when it comes to information security, disaster recovery and business continuity. You can read more in-depth about it on Microsoft’s own website here. Below we outline a number of the benefits this will have for your organisation.
We use the latest GeoR backup methods available from Microsoft. At any one time, 2 different instances encompassing all data and code exist. These are spread across two sites in the UK (serving the UK and Channel Islands) and two in Australia, meaning if one goes down we can get the service up and running again with very little disruption.
In the event of a major regional catastrophic disaster or outage (earthquake, power outages etc), we have the ability to recover from a 1-hour old geo-redundant store that is located physically in a different Microsoft data centre.
This allows InTouch to offer unprecedented business continuity.
Microsoft Azure Data Centres comply with the UK ISO 27001 standard for information security management, which includes people, processes, and IT systems. Microsoft also holds a number of other certifications; to find a complete list of compliance certifications, please visit the Trust Centre.
This means only authorised personnel can access the servers.
InTouch forces all communication over HTTPS for all services, including our public website. HTTPS is the protocol for secure communication over the Internet and mitigates man-in-the-middle attacks and eavesdropping.
We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support.
This means communication between your device and InTouch is encrypted in both directions. You can see this yourself when using InTouch, if you click on the padlock to the left of the address bar.
We also deploy Transparent Data Encryption (TDE) which helps protect against malicious activity by performing real-time encryption and decryption of the databases, associated back-ups, and log files using symmetric key encryption.
This means that even in the unlikely event of a 3rd party gaining physical access to our servers, they still won’t be able to read the data.
One of the best ways to defend against cyber-attacks is to try and hack yourself first. This is why InTouch is regularly tested by Tinfoil Security who continually test the system for vulnerabilities. Any issues are flagged and immediately dealt with to keep your data secure.
Through the InTouch user interface you can control which users are able to perform certain actions within the system. For example, you might want to restrict certain tasks to supervisors only, or allow only cashiers to raise invoices. You can also easily deactivate and reactivate any users as needed.
This reduces a number of risks such as compliance risk, fraud risk, and risk of business process corruption.
We utilise CloudFlare’s network of over 2 million websites to collaboratively identify and block threats. When something malicious occurs on one website, the origin of that malicious attempt is then blocked for everyone across the network. CloudFlare has the largest network of its kind which gives us a tremendous ability to block an attack before it starts.
If you choose to set up two-factor authentication (also commonly known as 2FA), it will require your users to sign in not only with their passwords but also with a code sent to their dedicated mobile device. This means only people with access to the username, the password and that specific device are able to access the system.
The first time a new device logs into InTouch, an email notification is sent to your linked account giving you the approximate location and device information of the login.
This allows you to quickly identify anyone accessing your account.