Confidential collaboration across the globe

We understand that security is a priority when you’re exchanging confidential data and asking your clients to do the same.
That’s why security and resilience are not only embedded into our technology, but also the culture of our entire organization.


You control access

As an Inflo customer you have the flexibility to invite multiple users to upload data to a client engagement and view the results of analysis. The lead user has control over who has access and what they are able to do.


User authentication

We provide access to the Inflo platform through a unique username and password. Inflo requires strong passwords to be used and locks accounts after repeated failed login attempts to reduce the risk of brute force hacking.


Key security features

We take a “defence in depth” approach to protecting our systems and your data. Multiple layers of security controls protect access to and within our environment, including:

  • HTTPS, SSL/TLS
  • AES 256-bit Encryption
  • Data encrypted in transit and at-rest
  • Dedicated Firewalls and Load Balancers
  • DDoS & HTTP DoS mitigation
  • IP Reputation filtering

Our security services are configured, monitored and maintained according to industry best practice.

Encryption

We encrypt all data that goes between your client and Inflo using industry standard TLS (Transport Layer Security) running 256-bit encryption. Your data is also encrypted at rest using 256-bit AES.

Network Protection

We protect our public-facing web systems with dedicated firewalls, load balancers, DDoS & HTTP DoS mitigation, and IP reputation filtering.


Organizational best practices

We operate an information security management system (ISMS) which leverages security best practices according to ISO 27001 – recognised as the premier standard around the world. Our policies and procedures cover administrative, technical and physical safeguards to keep your data secure. To demonstrate our commitment to this standard, we continually manage and improve our ISMS.


Verified security standards

Our information security practices have been accredited to the International Standards for Information Security Management Systems (ISO/IEC 27001:2013).

Our independent third-party auditor, Lloyd’s Register Quality Assurance (LRQA), maintains its ISO 27001 accreditation from the United Kingdom Accreditation Service (UKAS).

Our certificate of approval can be viewed here


Secure data centres

With Inflo you receive in-region data storage and backup, whether you’re in the United States, Europe, Canada or Australia. We store all data within Microsoft Azure data centres which hold ISO 27001, 27017, 27018, HIPAA, FedRAMP, SOC 1 and SOC 2 compliance standards and certifications. For more information, go to: https://azure.microsoft.com/en-gb/overview/trusted-cloud/


Privacy

You and your clients own your data. We’re committed to keeping it private, which is why we abide with the principles of the General Data Protection Regulation (GDPR). For more information see: Our Data Privacy Statement


Always there

Best in class availability

We use multiple redundancy technologies provided by Azure for our data centres and infrastructure. These ensure that if any component fails, Inflo will keep on running – with little or no disruption to your service.

Built to perform at scale

Inflo has been designed to grow with your business. Our high performance servers, networks and infrastructure ensure we can deliver quality service to you and our thousands of other users.

Disaster recovery and readiness

Inflo performs real-time data replication between our geographically diverse, protected facilities, to ensure your data is available and safely stored. This means that should even an unlikely event occur, such as an entire hosting facility failure, we can switch over quickly to a backup site to keep Inflo and your business running.

Constant updates and innovation

We’re constantly enhancing Inflo, delivering new features and performance improvements. Updates are delivered frequently, with the majority of them being delivered without interrupting our service and disrupting users.