Security

Security

ScribeStar Platform Security Information

Platform

We spent a large amount of time putting measures in place to secure the data we hold for our clients. We have a track record for being proactive and staying ahead with out security measures. We are constantly putting new measures in place to improve the security we offer to our clients.

  • Two Factor Authentication
  • Encryption of data in transit and at rest using AES 256-bit Encryption
  • Secure Key Vaults
  • Data Segregation
  • Data Sovereignty
  • Granular access controls and authorisation
  • Periodic Penetration testing by a third party
  • Periodic Vulnerability scans.
ScribeStar Delivery Technology

Delivery

We deliver our technology in our own private cloud, a white labelled service in your private cloud, or as a hybrid solution. Our personnel have full control and complete responsibility for the management of all network resources in both our private cloud and our own data centres.

  • Our SaaS private cloud offering is hosted in Microsoft Azure (Tier 3) at their facilities in UK and Ireland. Azure data centres are maintained to the highest standards and are compliant with ISO 27001, HIPPA, SOC 1/2/3, Fed RAMP, FIPS and PCI-DSS
  • Our hybrid offering allows you to host data in our data centres which comply the same standards as Microsoft Azure.
  • Network monitoring, auditing,  intrusion and threat detection.
  • We have a 24/7 monitoring system with failover, disaster recovery and resilience measures in place.
ScribeStar Compliance policies and procedures

Compliance

We are an ISO 27001 and Cyber Essentials Plus certified organisation with policies and procedures in place to ensure Information Security and Controls are maintained to high standards. We have been audited and certified since 2015 successfully.

We have been vetted by numerous firms, banks and issuers who have used us on transactions and we constantly maintain and improve our policies and procedures. Our information security management system has been reviewed and vetted by a large number of firms and issuers. We have policies and procedures in place which ensure we audit and vet any vendors we onboard as part of our Information Security Management System.

We are constantly looking at due diligence to comply with cloud and cybersecurity accreditations so that we can provide a higher level of security for our end users.