Security and Data Protection
How we keep your data secure – all you need to know
In safe hands
Moving to a new intranet platform can be daunting, we know that. That’s why we’re clear and open about where your data is stored and how we protect it.
The details below summarise where data is stored, how it is stored and how we ensure that it is as safe as possible. We’ve been audited by big organisations like Shell and the NHS, so everything you read is tried and tested.
Hosting and infrastructure
Twine is hosted on Amazon Web Services. Our servers are hosted in data-centres with the following attributes:
- ISO27001 (Security Management Standard)
- SOC 1 (Audit Controls Report)
- SOC 2 (Compliance Controls Report)
- SOC 3 (General Controls Report)
- UK DPA 1998 (Data Protection Act)
- EU Dara Protection Directive (Data Protection Framework)
- ISO 9001 (Global Quality Standard)
- ISO 27017 (Cloud Specific Controls)
Our database data is encrypted at rest and all connections are via TLS with a Qualys SSL Test A grade.
Authorisation and employee security
We give you the tools to make logging in to Twine straightforward, whilst remaining secure. We never store raw passwords, and passwords are always securely hashed and salted.
- Active Directory and LDAP integration
- Google, Microsoft and LinkedIn authentication supported
- Auto Logout available
For a detailed copy of our Security and Infrastructure, just get in touch and we’ll gladly provide you with all the information you, or your IT team, need. Things like:
- Access Control Policy
- Data Handling Guidelines
- Data Protection Policy
- Incident Management Policy
- Information Classification Policy
- Information Security Policy