Overview
Our specialized web platforms are used across the world by our clients, and by ourselves here at DBLX, to work and learn safely and securely. We understand that security and privacy is the number one concern for the organisations we work with, many of who operate in highly-regulated and security-conscious industries.
Our cloud-based platforms are built with this in mind, offering industry-leading protection security as standard to protect the data of your business, employees and customers.
Reliability
When you work from anywhere, you need to be confident your data is available whenever (and wherever) you need it. Our systems are hosted on Amazon Web Services (“AWS”) across multiple availability zones. That way, if one ever fails, your service remains totally uninterrupted. For more information on this, please visit the AWS security page.
Under the Hood
Our custom web platforms implement a security-oriented design in multiple layers, one of which is the application layer. Our applications are developed according to frameworks such as the OWASP Top 10 and all code is peer-reviewed prior to deployment.
DBLX also employ several industry standards to ensure the separation and isolation of client data across web applications, including: TLS traffic encryption supporting TLS 1.2 at minimum, API access controls, database layer encryption, automated backup systems with Point-in-Time recovery, appropriate password strength policies by default, and two-factor-authentication.
Behind the Scenes
We use a comprehensive set of tools and services to protect what we love, including:
- Hosting our services behind API gateways;
- Using web application firewall (WAF) for content-based dynamic attack blocking;
- Rate limiting and load balancing;
- Network traffic logs;
Don’t just take our word for it either. We use independent third-party accredited auditors to conduct penetration tests to ensure all our processes and implementations are robust. These tests continue on an annual basis, both within our applications and their infrastructure, to continually ensure we are meeting the highest standards.
Our DBLX Commitment
At DBLX, we pride ourselves on delivering socially responsible software and services to our customers. As part of this, we recognise our responsibility to protect all of the data we hold or process, whether it belongs to DBLX, our employees, customers or suppliers. The information we hold is one of our most valuable assets, preserving the confidentiality, integrity and availability of this information is essential.
Our commitment to data security and management and the continuous improvement of information security controls includes;
- Holding certifications for Cyber Essentials Basic and Cyber Essentials Plus, we are also committed to the annual renewal of these certifications to maintain business security
- Working within security frameworks that meet client requirements, such as ISO27000, NIST CSF, SOC and more. While not holding certifications directly, we can work within these frameworks to ensure compliance for our clients and provide documented evidence in support
- Complying with all relevant information management legislation, regulations and standards
- Ensuring our employees are clear about their responsibilities regarding information security through regular training and awareness campaigns
- Effectively managing the security and scalability of all computer systems and supporting infrastructure
- Defining remote/ off-site working expectations and standards in regards to information security in a new world of hybrid working
- Acting quickly and implementing corrective action in regards to any information security events, breaches or identified weaknesses
Questions about this Policy?
If you have questions about the content of this policy or would like clarity on any of the points included, please contact; info@dblx.co.uk