Security & Availability

Virtual Cabinet Legal

Security & Availability

GetBusy products and services adhere to the highest industry standards for security. You can use our products and services with confidence, safe in the knowledge that we use the same security methods and principles as the most diligent of institutions such as government bodies and financial institutions.

We have teams of experts using the latest technologies and best practices to ensure that our products are, and remain, safe and protected so you can use them worry free.

Processes

Security of our products and services, including how they are designed, built, tested and worked on, and by whom, are our highest priorities. We are proud to be ISO27001 compliant in the UK and for our UK developed products: GetBusy, Virtual Cabinet and Virtual Cabinet Portal, and aim to exceed industry standards for all of our products.

Encryption

All data in transit across all of our products and services, outside of your own network, is encrypted as well as certain customer content data, such as documents, which are encrypted at rest.

Data Centres

We use infrastructure and services provided by Amazon Web Services (AWS). AWS, like us, treat security as their highest priority. AWS documentation on the security of their infrastructure and services is comprehensive and can be found here https://aws.amazon.com/security/

Specific details about physical and environmental security and network architecture can be found in their white paper AWS: https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf

The Virtual Cabinet Portal application is hosted in the AWS EU (London) region, with encrypted data backups stored in AWS EU (Ireland) to provide cross-region redundancy.

Penetration Testing

We conduct regular Penetration testing of all our products and services by specialist independent and industry accredited third party penetration professionals.

Availability

We leverage the best that AWS has to offer to provide high levels of availability, redundancy and scalability.

Data Protection

We are fully committed to all Data Protection regulatory requirements that are in place in the territories where we operate and have in place a Privacy Policy that covers:

  • Your privacy rights and how to exercise them;
  • How we collect, use, share and protect your personal data;
  • The legal bases we rely on to process your personal data; and
  • How we operate in our capacity as a data processor acting on your behalf.

We have tools and processes as well as a dedicated Security and Compliance staff to ensure that we stay on top of all Data Protection Requirements, and we actively monitor regulatory guidance and interpretations of key Data Protection requirements to make sure we're well informed and doing the right things in the right way.

Last updated July 2019.