“How safe is my data?”
Data protection and security are very much our first priority, and the security of your data governs every development decision we make. We cut no corners when it comes to security. We believe that we have not only a legal responsibility to ensure the safety of your data, but also a moral one. We protect your data because, frankly, it’s the right thing to do. This document outlines the steps we take to ensure that you can use QADEX with confidence, and the processes we put in place to ensure that confidence is well placed.
From your computer to us
The journey of your data starts with you. We do not allow single sign-on from other systems, because we believe people should maintain a unique password for QADEX. Convenience does not trump security in our book. So, every user has to enter a password to access the system. Your username and password information are encrypted by us in the database. Once you’ve typed the data into QADEX, that’s where we start to help with security. Whilst we do not encrypt all data, your security credentials are immediately encrypted in the database. No-one can access your password.
Long version: Browser sessions describe how your browser talks to our servers. This is the first step in security, with data flying back and forth. These sessions are encrypted with industry-standard Secure Sockets Layer (SSL), using a 2048-bit private key – well beyond the normal industry standard. Our SSL certificates are signed with the SHA-256 with RSA (Rivest–Shamir–Adleman) algorithm. The server only accepts connections from browsers offering a strong cipher suite and does not allow weak encryption for SSL sessions. The server supports the latest Transport Layer Security protocol (TLS 1.2). Our servers are not vulnerable to the POODLE attack or to the Heartbleed bug.
Short version: Our technical people stay on top of the latest security news, and everything is encrypted in transit to the latest standards. Given that the estimated time to break encryption of this type is significantly longer than the age of the universe, we’re comfortable that your data is safe on its way to us.
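For readers who want to see what a transport configuration of the kind described above looks like in practice, here is an added illustration in nginx syntax. It is not QADEX’s own configuration; the server name and certificate paths are placeholders, and the commented-out “weak” lines show the settings such a policy rules out.

```nginx
# Weak setting (shown for contrast, do not use): SSLv3 exposes the server
# to POODLE, and a catch-all cipher list admits RC4/3DES/export suites.
#   ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
#   ssl_ciphers   ALL;

server {
    listen 443 ssl;
    server_name example.com;                      # placeholder

    # Certificate signed with SHA-256/RSA over a 2048-bit key (paths are placeholders).
    ssl_certificate     /etc/ssl/certs/example.com.crt;
    ssl_certificate_key /etc/ssl/private/example.com.key;

    # Accept only TLS 1.2; SSLv3, TLS 1.0 and TLS 1.1 are refused outright.
    # Add TLSv1.3 where the nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;

    # Forward-secret AEAD suites only; the server, not the browser, picks the order.
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
    ssl_prefer_server_ciphers on;

    # Session resumption without long-lived ticket keys.
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;

    # Tell browsers never to fall back to plain HTTP for this host.
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;

    # Note: Heartbleed is a flaw in old OpenSSL builds; it is addressed by
    # patching the library, not by anything in this file.
}
```

A quick check that the policy is in force: `openssl s_client -connect example.com:443 -tls1` should fail to handshake, while `openssl s_client -connect example.com:443 -tls1_2` should succeed and report one of the listed ECDHE suites.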
Physical security of Data
Long version: All your data is located on Amazon Web Services (AWS) in the EU (Ireland), and never leaves the EU (Ireland). Amazon is ISO 27001 information security standard certified. Our data is stored in a secure data centre, with multiple levels of security, including crash barriers, complete CCTV coverage, motion sensors, trip lights, state-of-the-art alarms, and roving guards. The centre has reinforced access doors, digital key storage systems, multiple pin entry systems, electronic and physical access logging, and an array of other physical security measures designed to stop someone getting into the building. Even if they do, the servers are all physically and separately secured. The servers are all protected with a digital gateway, which means multiple layers of security requiring different levels of authorisation.
Short version: Our servers are comprehensively protected against unauthorised access.
Long version: We work diligently to prevent hackers from gaining access to our servers and are frequently ‘penetration tested’ by a recognised third-party auditor. We use KPMG (www.kpmg.com) and were last audited in 2016. The result was uniformly positive, with the tester finding “there was no way of accessing the application without valid security credentials”. We achieve this result by:
- Ensuring that the servers are locked down so that they can only be accessed over secure shell (SSH) using public/private key pairs.
- Making sure all servers are kept up to date with security patches and updates.
- Permitting access only to those people that need it and even then, only to the level that is required.
- Regularly updating a list of those individuals who can access the servers and ensuring the reason for them doing so is still valid.
- Logging every access to the server and reviewing those logs regularly.
Short version: Our servers are kept up to date, patched regularly and can only be accessed directly by system admin personnel in the QADEX office.
Long version: QADEX has been built on an up-to-date release of the Ruby on Rails server-side web application framework, following well-documented best practices for secure application development. The application does not leak error or process information. It handles all user input in a secure manner and takes steps to prevent privilege-escalation attacks through missing function-level access control. We also code to avoid cross-site request forgery (CSRF) attacks, session attacks, cross-site scripting, structured query language (SQL) injection, and many other nasty little tricks that people play.
We’re also scrupulous about what access our people have to information. So, the application stops our support staff from accessing your data unless you give them specific consent to do so. Operations team members and account managers have access to general metrics in the system but no access whatsoever to your data. Developers are required to develop in a test environment only and will only access account data as part of second line support – again, only with informed consent from clients. All security information, including session information, is encrypted. All backups are encrypted both in storage and transport.
Short version: We do everything we can to prevent both unauthorised access from people outside QADEX and unauthorised access to your account from within QADEX.
Reports and Offline Activity
We provide a secure environment within QADEX, and we put a lot of effort into our security. Taking data outside of QADEX removes it from this secure environment. For this reason, reports can only be generated from within the system; they will not be downloaded and emailed by our team.
Transfer of data to other electronic systems will only be done by secure application programming interface (API) transfers, agreed and developed to the same standards outlined in this policy.
Customers requiring non-API access to data for transfer must access, download and transfer it directly from the QADEX system to an alternative location.
Long version: Our server availability for the last calendar year was 99.95%, which includes time for all new releases and maintenance, etc. To ensure availability we:
- Load-balance – We run a multi-instance application, which means the QADEX system is simultaneously running on multiple servers. If we lose a server, the application stays up.
- Automated scaling – If the application thinks it needs more power in order to continue to deliver high performance, it will simply add on additional servers. When the demand goes down, it will reduce the number of servers.
- Rolling updates – Updates are rolled out one server at a time. This means that as one server is being updated, users will be automatically re-routed to another server. This means most updates can be done without disturbing clients or taking the system down. In the case of a major system update, we carry it out over a weekend and you will be notified in advance.
- Multiple availability zones – Although all of our servers are in the EU (Ireland) for data protection reasons, they are housed at multiple secure sites. Therefore, even in the event of an entire site going down, QADEX will remain operational.
- Backups – Incremental backups are made at midnight each day and are kept at a secure location for three years.
Development best practice: All of our development code is checked by team leaders and project managers in a development environment before being transferred to a staging environment. At this point it is checked yet again by front-end users. In this way, we aim to catch development issues long before they hit the live server. Code is checked for security first, performance second, and only then for functionality. We take looking after your data very seriously.
Short version: We do everything we realistically can to ensure the QADEX system will be there when you need it. On the extremely rare occasions that this isn’t the case, our development team will resolve problems speedily, while ensuring you are kept informed about progress.
Long version: To break into our offices someone would have to go through multiple locked doors. Our offices have 24/7 CCTV coverage. We all work from desktops which are password protected and access to your data is kept safe and secure in the data centre. Your data is not kept on any servers in our office, nor on any workstation.
Short version: Worried about someone breaking into the QADEX offices? Don’t be. They can’t access your data even if they logged into a QADEX staff member’s workstation.