Last Updated 7th February 2019
At Brain in Hand we strive to make our system as secure as possible; our aim is to protect your data and the data that we collect when you use our applications.
We protect your data with a number of ways and follow industry standards where possible.
All communications between our clients (browser and Mobile applications) and our servers use TLS to secure our http web traffic. This ensures that no one can listen in to the data being transmitted.
Personal Information Security.
Personal information and contact information is only accessible to the administrators and responders that have been assigned to your responder group. Any emails or text messages sent to responders (as a result of a red traffic light press) will contain the users initials. Personal information is only accessible once the responder has logged in.
Brain in Hand is hosted in Microsoft’s Azure data centres. Our primary servers are hosted in London whilst our backup servers are hosted in Cardiff. We store all our information in a MongoDb database; access to this database is limited by a firewall to only 2 IP addresses. One is the IP of our application servers and the other is our offices in Exeter. Even then access is only granted to administer and maintain the integrity of the database.
Once created our application servers are locked down to a level where we do not have direct access and all our applications are deployed as containers; this is to reduce our exposure to hacking. If we suspect our servers or containers have been compromised then we can recreate from standard server images in a short period of time.
Updates to our Policy
We may amend or update our Security Policy as we improve our technical security and approaches. We will provide you notice of amendments to this Security Policy, as appropriate, and update the “Last Modified” date at the top of this document.