top of page

INFORMATION SECURITY CENTRE

Your Data Security

We know that data security is important for you, and it's a priority for us too. We have policies and processes in place to ensure we meet the highest possible standards.

Encryption

The data in our applications is encrypted at rest and in transit using AES256.

Data Security

We only access a specific data record if requested to do so by the client Administrator.

Service Availability

We have an IP Transit Connectivity Service availability guarantee of 99.99%.

System Monitoring

Our threat detection process ensures our team are alerted to, and keep a log of, potential incidents.

Secure Development

Prior to release, we

review and test our code, including manual and automated checks. 

Staged Updates

We only release

software updates after robust testing in development.

Account Security

We use MFA for all users and subscriber organisations to secure their accounts.

User Permissions

Users can be assigned different roles with multiple parameters, set up at the database level.

ISO 27001:2022

We are ISO 27001:2022 certified, the highest standard for information security management.

General Data Protection Regulation (GDPR)

Globocol’s internal processes and software are fully compliant with the General Data Protection Regulation (GDPR). Drafted in the EU, the GDPR is the toughest privacy and security law in the world.

 

The UK data protection regime is set out in the Data Protection Act 2018 and the GDPR (which also forms part of UK law).

More about GDPR and Globocol >>

About ISO 27001

ISO/IEC 27001 is the world's best-known standard for information security management systems (ISMS). It defines requirements an ISMS must meet.

The ISO/IEC 27001 standard provides companies of any size and from all sectors of activity with guidance for establishing, implementing, maintaining and continually improving an information security management system.

Conformity with ISO/IEC 27001 means that an organization or business has put in place a system to manage risks related to the security of data owned or handled by the company, and that this system respects all the best practices and principles enshrined in this International Standard.

 

Globocol is ISO 27001 certified to the most recent 2022 standard. Globocol's compliance is audited by NQA, a third-party certification body accredited by UKAS. NQA have certified that Globocol follows the ISO 27001 framework and has implemented all the required controls, policies, and procedures. 

CRK : Our Information Security Partners

CRK logo white.png

CRK Consulting are independent information security specialists who work with Globocol to ensure that our Information Security Management System (ISMS) is fit for purpose.

 

They have implemented a risk management methodology which has facilitated the development of a risk treatment plan into our business. This ensures that ISO 27001 controls and business security requirements are documented and maintained on an ongoing basis.

 

CRK have over 15 years’ experience of working within ISO and compliance frameworks in the private, public and not-for profit sectors.

CRK Consulting website >>

bottom of page