At Perfect Portal, the security of our service is of utmost importance. Our clients entrust us with millions of confidential pieces of information every day. Ensuring we keep that information secure, is core to our product offering.
Perfect Portal’s cloud infrastructure is maintained by the industry leading cloud platform provider, Amazon Web Services (AWS), in multiple unmarked facilities within the Ireland region.
The terms of agreement between Perfect Portal & AWS, are here: http://aws.amazon.com/agreement/ AWS has achieved a substantial amount of certification and compliance in industry standards, which recognise best practices in Information Security.
For a full listing of AWS certification and compliance, visit https://aws.amazon.com/compliance/
Perfect Portal utilises multiple layers of security controls (software, physical and process based) to protect our client data. This includes, but not limited to;
• Local & Network Firewalls
• Web Application Firewalls
• Intrusion Detection & Prevention Systems
• Application White Listing
• DDoS Throttling Services
• Access Control Lists
• Security Patch Management
• ITIL Framework (release/incident/change)
• Identity and Access Management
• Centralised Log Management• Symmetric and Asymmetric Encryption systems
• Two Factor Authentication
• Secure Code reviews
• Separation of Duties
• Data Loss Prevention
• Vulnerability Assessment
• Anomaly Detection
• Remote Monitoring & Alerting
Each Perfect Portal application is accessed via HTTPS using Transport Layer Security (TLS). TLS is a cryptographic protocol designed to protect information transmitted over the internet, against eavesdropping, tampering, and message forgery.
Once client data reaches Perfect Portal’s cloud infrastructure, all information is then encrypted at rest, using industry standard AES-256 encryption. This is done to protect client information in the event a Perfect Portal server is compromised by an unauthorised party.
Perfect Portal has been designed to be a highly available, active-active solution. Perfect Portal’s services are split over multiple AWS datacentres within the UK. In the event of one data centre going offline in a disaster scenario, the second data centre continues to serve data with minimal, if any, service interruption.
Perfect Portal’s service is designed to scale up as more clients use it at peak times, and then scale down at low times. This scaling allows Perfect Portal to mitigate external attacks trying to flood our system resources.
The data contained in Perfect Portal remains the property of the licensed subscriber. If the subscriber ends their agreement with Perfect Portal, Perfect Portal will retain the data for a minimum of seven (7) years, before having it destroyed.
At any time during the post active subscription, seven (7) year period, a subscription can be reactivated to gain access to the client data. Unless directed by the customer to remove all copies of data, backups of the data may remain in Perfect Portal archives as part of our standard retention policies.
Perfect Portal servers are backed up multiple times daily, weekly and monthly.
Perfect Portal servers are backed up multiple times daily, weekly and monthly.