We use multiple redundancy technologies provided by Azure for our data centres and infrastructure. These ensure that if any component fails, Inflo will keep on running – with little or no disruption to your service.
We take a “defence in depth” approach to protecting our systems and your data. Multiple layers of security controls protect access to and within our environment, including:
Our security services are configured, monitored and maintained according to industry best practice.
We use multiple redundancy technologies provided by Azure for our data centres and infrastructure. These ensure that if any component fails, Inflo will keep on running – with little or no disruption to your service.
Inflo performs real-time data replication between our geographically diverse, protected facilities, to ensure your data is available and safely stored. This means that should even an unlikely event occur, such as an entire hosting facility failure, we can switch over quickly to a backup site to keep Inflo and your business running.
We’re constantly enhancing Inflo, delivering new features and performance improvements. Updates are delivered frequently, with the majority of them being delivered without interrupting our service and disrupting users.
We understand that security is a priority when you’re exchanging confidential data and asking your clients to do the same. That’s why security and resilience are not only embedded into our technology, but also the culture of our entire organisation.
As an Inflo customer you have the flexibility to invite multiple users to upload data to a client engagement and view the results of analysis. The lead user has control over who has access and what they are able to do.
We provide access to the Inflo platform through a unique username and password. Inflo enforces strong password requirements and locks accounts after repeated failed login attempts to prevent brute force attacks. For added protection, two-factor authentication (2FA) or multi-factor authentication (MFA) can be enabled on each Inflo user account, adding an extra layer of security.
We encrypt all data that goes between your client and Inflo using industry standard TLS (Transport Layer Security) running 256-bit encryption. Your data is also encrypted at rest using 256-bit AES.
We protect our public-facing web systems with dedicated firewalls, load balancers, DDoS & HTTP DoS mitigation, and IP reputation filtering.
We operate an information security management system (ISMS) which leverages security best practices according to ISO 27001 and SOC 2 – recognised as the premier standard around the world. Our policies and procedures cover administrative, technical and physical safeguards to keep your data secure. To demonstrate our commitment to this standard, we continually manage and improve our ISMS.
Our information security practices have been accredited to the International Standards for Information Security Management Systems (ISO/IEC 27001:2022).Our independent third-party auditor, Lloyd’s Register Quality Assurance (LRQA), maintains its ISO 27001 accreditation from the United Kingdom Accreditation Service (UKAS).
The AICPA Service Organization Control (SOC) 2 Type II audit audit confirms that our information security practices, policies, procedures, and operations meet the SOC 2 standards for security.We were audited by Prescient Assurance, a leader in security and compliance certifications for B2B, SAAS companies worldwide. An unqualified opinion on a SOC 2 Type II audit report demonstrates to our current and future customers that we manage their data with the highest standard of security and compliance.
Inflo ensures the highest levels of data security and compliance by hosting and processing all data within Microsoft Azure’s secure, multi-tenant data centres, strategically located across different regions. Each Inflo instance is assigned to a dedicated data centre within its region, ensuring localized data storage and regulatory compliance.
Inflo instance: emea.inflosoftware.com
Primary data centre: North Europe (Ireland)
Backup data cetre: West Europe (Netherlands)
Inflo instance: us.inflosoftware.com
Primary data centre: West US 2 (Washington)
Backup data cetre: West Central US (Wyoming)
Inflo instance: amer.inflosoftware.com
Primary data centre: Canada Central (Toronto)
Backup data cetre: Canada East (Quebec City)
Inflo instance: apac.inflosoftware.com
Primary data centre: Australia East (New South Wales)
Backup data cetre: Australia Southeast (Victoria)
You and your clients own your data. We’re committed to keeping it private, which is why we abide with the principles of the General Data Protection Regulation (GDPR). For more information see our Data Privacy Statement.
Book a demo today and discover how Inflo can transform your audit practice.