Resources > RapidLEI Platform Security

RapidLEI platform security

At RapidLEI, the security of your data is our highest priority. As a GLEIF accredited LEI Issuer (LOU), thousands of organizations trust RapidLEI with their Legal Entity Identifier management & information.

RapidLEI adheres to the highest industry standards for security for acquired data, with strict controls around where is it processed, stored, transformed and archived for audit purposes.

Physical Security

  • The RapidLEI platform is hosted in a United Kingdom Tier 3 Data Centre which is ISO 27001, PCI DSS certified and a UK National Cyber Security Centre (NCSC) ready environment.
  • Physical security consists of 24×7 CCTV, perimeter fencing with anti-ram bollards and 24×7 on-site security personnel.
  • Access to the Data Centre can only be obtained by pre-booking and on production of government issued photographic identification.
  • Data Centre floor access is controlled via Biometrics and/or PAC card. To access the Data Centre area all personnel must also first pass through a “man trap”.

Cooling, Power & Fire Protection

  • Data Centre cooling is continually monitored via temperature and humidity sensors to ensure the optimum temperature is maintained throughout the data halls.
  • Power backup consists of a site wide battery-based UPS system with Backup Generators and on-site capacity for a minimum of 48 hours continuous running.
  • In the event of prolonged failure of Grid Power, priority supply agreements are in place to provide fuel for the backup generators.
  • UPS and Backup Generators are tested on a monthly basis.
  • Fire protection is provided via ionisation and optical detectors in suites, roof cavities and sub-floors.
  • A Highly Sensitive Smoke Detection (HSSD) System is also in place to detect fires before they flare.

Hosting Environment

  • The RapidLEI platform is hosted on a fully redundant managed hosting platform.
  • All elements of the RapidLEI platform servers, storage, network & security devices and applications are provided by industry leading tier 1 vendors.
  • The RapidLEI platform has been designed from the outset to provide the highest levels of uptime, performance and security.

Security

  • Multiple-layers of security are utilised, including endpoint protection, next generation firewalls & application firewalls with comprehensive reporting and monitoring. Products from multiple vendors are utilised in accordance with Best Practices.
  • Data “in flight” to/from the RapidLEI servers is secured with 256-bit encryption, data at rest in on-site and off-site back-ups is also secured with 256-bit encryption.
  • Access Control to vetting and validation data uses RBAC permissions allocated on the principles of least privilege.
  • Terms of service contracts are Digitally Signed and timestamped

Data Protection

  • The RapidLEI platform is backed up on a 15-minute basis to both a local on-site and remote off-site Data Centre.
  • All backup data is encrypted using AES 256-bit encryption at both rest and in transit.
  • An automated full system recovery is performed once every 24 hours to ensure the integrity of the backed-up data.
  • In the event of a failure of the primary hosting systems or Data Centre environment, RapidLEI can be recovered in either the primary or secondary Data Centre to separate isolated recovery systems.
  • Disaster Recovery processes are regularly tested and any improvements to the process implemented and then re-tested.

Third Party Accreditations

  • RapidLEI is the marketing brand of Ubisecure Oy. Ubisecure Oy is GLEIF Accredited, and its Information Security Management System is ISO 27001 certified.
  • The software development environment is ISO 9001:2015 certified.