"We implement tried and tested operational policies and practices to ensure that our systems are reliable, secure and meet leading enterprise software industry standards"
Information Security Policies & Procedures
- All Fast Floor (FFM) client and customer data is stored and processed in the UK
- At no time is data transferred outside the UK unless specifically requested
- Data is retained only for the purpose it is provided and is returned on completion
- We do not store data beyond the time required to process it in accordance with FFM requirements; all temporary data is securely destroyed upon completion of processing
- All data held by us for the purposes of processing is securely held within our office location in Market Harborough, UK
- Access to data is securely managed and provided to FFM employees on a need to have basis
- FFM maintain a secure office network including Firewall and Intrusion Detection systems preventing unauthorised access to client and customer data.
- All information is stored and backed up nightly including FFM Data and Software Source Code
- Our offices are protected by monitored Alarm System with BT Red Care
System Access Policies
- Access to the Software is securely controlled by username and strong password.
- User Access to data is strictly controlled by User Role preventing unauthorised access to data by system users.
- The host environment is protected by Firewall and Intrusion Detection Systems.
- Conformance with OWASP guidelines and industry best practice including;
- Query Parametrisation / SQL Injection Prevention
- Secure Password Storage Salted, Hashed (SHA512)
- Encrypted (256-bit AES)
- Content Encoding and XSS Injection Prevention
- CSRF Prevention
- File Upload restriction by type and size
- All data held within the system is securely stored using data encryption on all sensitive data fields
- User Access to the system and all data viewed within it is encrypted during transmission using industry standard 128 bit / 256 bit SSL / TLS Certificates
System Hosting Infrastructure
We have four major data centre locations across the UK, complimented by a NOC and DR site. There is local data centre presence in Leeds with private connections to Telehouse North in London Docklands, Synergy House and Kilburn House in Manchester Science Park. The Network is BGP routed to multiple IP transit providers for full redundancy using own AS 57653.
The software is hosted on VMware platform located in the multiple data centres on Fast Floor's behalf by our cloud hosting partners Central Technology Limited (ct.co.uk)
- Dedicated hosting resources are allocated to the Software
- Scalable resources available on demand to provide additional resource capacity if required
- ISO 27001 certified secure data storage
- Dedicated Virtual Firewall and Intrusion Detection system with regular penetration testing in accordance with ISO 27001
- Overnight Snapshot Backup allowing for full disaster recovery or individual file level data recovery – all backup data is encrypted for security and retained for 14 days, weekly backups are taken and retained for 5 weeks and monthly backups taken and retained for 6 months
- Platform 99.999% Uptime
Data Centre Security
- ISO 27001 certified UK Tier-3 Data Centre
- 24/7 Manned On-Site Security
- CCTV – External and Internal, including on data centre floors covering physical access to servers
- Perimeter Fencing
- Photo ID and Electronic Entry Card System
- Anti-Tailgating Access System
- Multiple resilient power feeds including dual power feeds to each server and mains failover
- Full environmental monitoring and control including water cooled chillers and air conditioners
- VESDA Early Detection and Fire Suppression System
- Carrier Neutral data centres with resilient connections to other major UK data centres
- Layer 2 connections into all UK major Tier 1 carriers