...
| Expand | ||
|---|---|---|
| ||
Does your organisation allow employees to access company data or services through mobile phones or tablets? Our Mobile & Teleworking Policy provides base level requirements for devices to access our systems. Company owned iPads are used to access our systems, which are monitored via JamfPro Mobile Device Management software and Avast antivirus / malware. Employee and contractors may access company systems via their own mobile devices, with the same access restrictions and privelege levels as they have on company owned machines. All devices used to access our core services via a Google Workspace are registered and monitored in Google’s Mobile Device Management service. This allows us to monitor devices and operating systems for any vulnerabilities. |
...
| Expand | ||
|---|---|---|
| ||
Are any components of the system (hardware, applications, software) outsourced or subcontracted to a third party? Yes. Sites are cloud hosted by Commonplace.
|
| Expand | ||
|---|---|---|
| ||
Are any supporting services (for e.g. system support, service desk, remote administration etc.) outsourced or subcontracted to a third party? Yes, we use a suite of SaaS solutions, which all must comply with our supplier security policy. Our list of sub-processors used within our platform is on our website. The way we deal with sub-processors is covered in our standard license agreement. |
| Expand | ||
|---|---|---|
| ||
What are your ‘patch deployment cycles’ and maintenance windows? We deploy code multiple times per day using Continuous Integration and Continuous Deployment. We have never required any planned downtime and do not expect to do so. Should this change, we will inform our customers with a 14 day advanced notification of the change and keep any interruptions to off peak hours. |
...