Security & Infrastructure
Your privacy and cyber security are very important to us. In the spirit of transparency and openness, here are some of the security measures we take to protect your data:
To prove our high commitment to strong security, availability and privacy, we have gone through Cyber Essentials Plus. Cyber Essentials Plus is an UK Government backed, audited, minimum standard scheme that protects against the most common cyber attacks.
The paragraphs below summarise how we keep your data secure:
Bowtie Master is made up of the following key architecture components hosted on cloud infrastructure powered by Microsoft Azure Platform as a Service (PaaS):
- Web Portal (Vue CLI) – User interface providing all functionality and features served via secure socket layer (SSL) via HTTPS endpoint with encryption in transit between web portal and API data and authorisation services.
- Auth & API Service (.NET Core App Service) – Data services facilitating all data GET, POST, PUT and DELETE operations via API secured by standard JWT token with 5 minute access token expiration window and 60 minute token refresh principle.
- Azure SQL – Database storage for all tenant data sets segregated by tenant identifiers only accessible from app service with no external/
Where is Bowtie Master hosted?
Bowtie Master is deployed on a designated cloud environment within Microsoft Azure and therefore adopts the existing Azure security framework as part of the infrastructure security policy, please refer to the Azure Security information for further details.
How is data encrypted?
Sensitive data such as personnel details and credentials will be encrypted at rest within the application database using irreversible one-way hashing algorithms. This ensures that any compromise of database data will not lead to exposure of sensitive data.
What other security features do you have?
Accounts are password protected and are automatically locked out after multiple failed attempts. Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are available to all users.
How is security monitored?
Azure application environment monitoring features configured with appropriate application insights and alarm settings notifying support personnel of any vulnerabilities or infrastructure issues.
Do you use SSL Security?
Using a Secure Socket Layer (SSL) for all data transfer requests to and from the website will ensure that the web platform data transport may not be compromised by any potential attacks.
Is data backed up?
- PITR (Point In Time) Restoration – Up to 7 days any minute of the day
- Weekly backups – For a maximum of 4 weeks
- Monthly backups – For a maximum of 12 months
Check out our help centre or contact us
