white pro-cloud iconwhite pro-cloud icon
Pro-Cloud Login
data security icon

DATA
SECURITY

Complying with security procedures is a
(top) priority here at CSS, especially when
it comes to handling data correctly.

Book a Demo

Data Security is paramount at CSS

Our asset management platform has been hosted with the market leading provider Rackspace UK Limited for over 8 years, continually achieving zero customer down time ever since. Our asset management solution is also included with managed threat detection by Alert Logic.

CSS is committed to planning and preparing in the event of extended service outages caused by factors beyond our control and to restore service, to the widest extent possible, in a minimum time frame.

The following general objectives are to ensure limited disruption in the event of an incident or crisis:

  • There will be a logical recovery of the business
  • Impacts will be kept within acceptable levels
  • Business will continue as usual, as much as possible
laptop and phone with padlock overlayed
secure file icon

Disaster recovering planning

We have a SQL Server Always On availability group setup between our main and DR site locations, so that we have real-time replication of data to an off-site location in case of disaster.

With our hosting provider, Rackspace, all data is held within UK Data Centres in a private environment with specific sensitive fields within the database that are encrypted using AES 256bit encryption. All data also uses the Pseudonymization procedure to protect and replace field with artificial identifiers wherever possible.

Vulnerability tests are taken regularly at CSS to ensure data security with independent tests taking place annually as part of our Cyber Essentials Plus testing. Independent annual penetration testing also takes place with an independent Crest approved auditor.

Always keeping security levels high

CSS ensures that all staff are fully trained in data security and training continues throughout their employment on an annual basis. Employees are contractually aware of their responsibilities, the security breach policies, and the sanctions if they engage in inappropriate behaviour.

CSS act as data processors and put all necessary systems in place for contracts to manage their data including but not limited to:

  • New data
  • Data imports
  • Updating / amending data
  • Processing
This site uses cookies. By continuing to use this website you agree to the terms and conditions set out in our privacy policy. You can view our current policy here.