RapidLEI adheres to the highest industry standards for security for acquired data, with strict controls around where is it processed, stored, transformed and archived for audit purposes.
- The RapidLEI platform is hosted in a United Kingdom Tier 3 Data Centre which is ISO 27001, PCI DSS certified and a UK National Cyber Security Centre (NCSC) ready environment.
- Physical security consists of 24×7 CCTV, perimeter fencing with anti-ram bollards and 24×7 on-site security personnel.
- Access to the Data Centre can only be obtained by pre-booking and on production of government issued photographic identification.
- Data Centre floor access is controlled via Biometrics and/or PAC card. To access the Data Centre area all personnel must also first pass through a “man trap”.
Cooling, Power & Fire Protection
- Data Centre cooling is continually monitored via temperature and humidity sensors to ensure the optimum temperature is maintained throughout the data halls.
- Power backup consists of a site wide battery-based UPS system with Backup Generators and on-site capacity for a minimum of 48 hours continuous running.
- In the event of prolonged failure of Grid Power, priority supply agreements are in place to provide fuel for the backup generators.
- UPS and Backup Generators are tested on a monthly basis.
- Fire protection is provided via ionisation and optical detectors in suites, roof cavities and sub-floors.
- A Highly Sensitive Smoke Detection (HSSD) System is also in place to detect fires before they flare.
- The RapidLEI platform is hosted on a fully redundant managed hosting platform.
- All elements of the RapidLEI platform servers, storage, network & security devices and applications are provided by industry leading tier 1 vendors.
- The RapidLEI platform has been designed from the outset to provide the highest levels of uptime, performance and security.
- Multiple-layers of security are utilised, including endpoint protection, next generation firewalls & application firewalls with comprehensive reporting and monitoring. Products from multiple vendors are utilised in accordance with Best Practices.
- Data “in flight” to/from the RapidLEI servers is secured with 256-bit encryption, data at rest in on-site and off-site back-ups is also secured with 256-bit encryption.
- Access Control to vetting and validation data uses RBAC permissions allocated on the principles of least privilege.
- Terms of service contracts are Digitally Signed and timestamped
- The RapidLEI platform is backed up on a 15-minute basis to both a local on-site and remote off-site Data Centre.
- All backup data is encrypted using AES 256-bit encryption at both rest and in transit.
- An automated full system recovery is performed once every 24 hours to ensure the integrity of the backed-up data.
- In the event of a failure of the primary hosting systems or Data Centre environment, RapidLEI can be recovered in either the primary or secondary Data Centre to separate isolated recovery systems.
- Disaster Recovery processes are regularly tested and any improvements to the process implemented and then re-tested.
Third Party Accreditations
- RapidLEI is the marketing brand of Ubisecure Oy. Ubisecure Oy is GLEIF Accredited, and its Information Security Management System is ISO 27001 certified.
- The software development environment is ISO 9001:2015 certified.