Secure Data Storage
At iinsight®, we understand the importance of data protection and security for our customers. We store our client’s data across three data centres (availability zones) in each of the seven countries we serve. By partnering with Amazon Web Services (AWS), we maintain a local presence and comply with data retention regulations in each country. Which means that your data will NEVER leave the country of origin. Our distributed storage infrastructure guarantees software, hardware, and data centre level redundancy, providing a remarkable uptime of 99.999%.
Data Backups
At iinsight®, we prioritise the safety and availability of your data. To ensure comprehensive data protection, we have implemented robust backup practices. We perform regular backups of your data, providing an added layer of security and peace of mind.
Data Backups Every 5 Minutes
We understand the importance of real-time data integrity. That's why we perform backups of your critical data every 5 minutes, capturing any changes or updates made within that timeframe. This frequent backup schedule ensures minimal data loss in the event of an unforeseen incident.
Collateral Backups Every Hour
In addition to data backups, we also prioritise the protection of your collateral, which includes various file types such as video files and other important assets. We perform backups of all collateral files on an hourly basis, ensuring that your valuable content remains safe and accessible.
Data Encryption
The security of your data is paramount to us. All data within the iinsight® platform, including documents and client collateral, is encrypted in transit and at rest using TLS 1.2, ensuring secure transmission and storage.
Privacy and Single Tenancy
We operate under a single tenanted model, providing each organization on the iinsight® platform with its own private database and document repository. Our operations comply with the Privacy Act 1988, which is further evidenced in our ISO 27001 and ISO 9001 Integrated Management System Policies and Procedures.
24x7 Monitoring and Maintenance
To mitigate potential threats, we maintain a 24x7 monitoring and maintenance arrangement. Our dedicated staff promptly responds to monitoring software alerts, and we collaborate with AWS to monitor web application firewalls and load balancers, proactively blocking access from unwarranted IP addresses.
Regular Security Assessments
We prioritize proactive security measures through third-party engagements. Artifice Security conducts quarterly Web Application Penetration Testing (PEN) to identify vulnerabilities and ensure robust security. Additionally, we leverage a third-party automation software that performs deep code vulnerability testing, conforming to the OWASP standards. These assessments occur fortnightly and are reviewed diligently.
Accreditations and Compliance
We take compliance seriously and undergo external audits annually to ensure adherence to industry standards. Our accreditations include:
- ISO9001:2015 (Quality Management Systems) – Australia/New Zealand/International
- ISO27001:2013 (Information Security Management Systems) – Australia/New Zealand/International
- GDPR (General Data Protection Regulation) – United Kingdom and European Union
- HIPAA (Health Insurance Portability and Accountability Act) – United States
- PIPEDA (Personal Information Protection and Electronic Documents Act) - Canada