At HFX, we take data security seriously. Our leading workforce management solution is hosted in the cloud for our customers, from SME to Enterprise and across many industries; all get the same high-security treatment regardless of their size.
But just how we do it and why it is secure is often unclear to many non-IT professionals, so this explainer endeavours to give you an insight into the lengths we go to…
First let’s talk about border security, when a tourist comes to the UK, they must pass through passport security before they are allowed in. This though isn’t the first security check made. Even before they get on the plane, there are often passport checks, luggage is scanned, and visa forms completed.
Our data centre is no different when someone opens a browser and points to our application, it doesn’t go straight to our servers, you are diverted first for inspection. The inspection checks your luggage (“data package”) looking for anything suspicious including your country of origin. But unlike airports, there is no queuing, this exhaustive process takes just milliseconds thanks to a huge array of servers built with a single purpose of inspecting our visitors. All this happens without you even knowing about it.
If you manage to pass through this check you will be forwarded to our actual servers, though not before going through another set of security checks (our own firewalls). Once we let you through the firewalls, we check your “data packages” again, just in case you slipped something past border security. Again, this happens seamlessly and instantly.
Assuming you get past these checks, you must provide the application credentials and naturally, all traffic is encrypted as well as data “at rest”. Each server is segmented so even if access is gained, there are bulkheads preventing anyone hopping from one server to another.
Prevention is not our only defence; All server activity is monitored to make sure no one is doing anything they shouldn’t on our servers. Anything unusual is alerted to our IT support team who will take any action required to secure the servers and the data.
Whilst the above explains the “logical” security we have in place, what about the physical security where the servers are located. Naturally, we don’t tend to reveal the physical location other than both our data centres (one is for Disaster Recovery) are located in the UK.
In terms of logical security, I used the example of “Border Controls”, but in terms of physical security, it is like a “Prison” but more secure. Just like a prison, there are many inmates (tenants) in the datacentre who take this level of security as seriously as we do. Whilst we serve over 1,500 customers, some of our “inmates” serve millions of customers, so we are in good company (though again and for the same reason we can’t name names).
If you could locate our datacentre then you would still have a problem popping in for a look. You need to be authorised at least 24 hours in advance and by an existing “inmate”. You will also need to bring your passport as your identity will be checked.
Just to get to the building you need to get through the perimeter fence and anti-ram raid bollards. The security office itself has bulletproof glass and there are CCTV cameras everywhere monitored by the 24/7 security guards. Assuming you are allowed through by the security guard – be prepared to be searched on the way in and on the way out – there are two more security doors and mantraps with integrated access control. If you make it to our racks you will need to have previously registered your fingerprint on the biometric device to unlock the steel door on each rack.
Absolutely no-one gets in our out unless authorised and authenticated… just like a prison only a bit more secure.
Not every company may go to this degree of security, but we believe that customer data belongs to the customer and as custodian’s we take this very seriously. If you are looking for safe hands, you couldn’t be safer with your workforce management data than with HFX.
To find out more about HFX’s Cloud based workforce management solutions visit: https://www.hfx.co.uk/solutions/information/