Security FAQs

Helping you with answers to security questions

We believe in being as open and transparent as possible. Here, you can browse for the answers to security questions commonly asked in the RFI process.

If there's a security question you have that's not answered, contact us.

How can we help?

How do you encrypt user data?

User data is encrypted in transit via HTTPS/SSL

Who can see or have access to user data?

Configurable access roles within the system control who can access information via the system.

How do you isolate my data from other clients?

Data is segregated at the database layer so no one outside your organisation can access your data.

What are your disaster recovery processes?

All client instances of TalonFMS are managed by our Business Continuity Management Policy.

How do you screen your employees and contractors?

Standard employment background checks are carried out by an independent third party.

What measures do you have in place to prevent unauthorised viewing of customer data?

Data access is controlled via configurable roles with access permissions. Our employees/contractors use these roles to access data via the system and do not have direct access to database unless nominated and for special support purposes.

What actions do you take to destroy customer data?

We do not store any physical copies of customer data. Digital data is deleted in situ.

What happends if you misplace customer data?

All incidents are handled as per the process defined in our Incident Management Policy.

How is activity in my account monitored?

Standard system actions are logged. Client access to these can be discussed during implementation based on your individual requirements.

How much data replication is carried out and what level of data durability do you provide?

Our database offers High Durability via a combination of physical and logical backups. Static assets on S3 have durability outlined here https://aws.amazon.com/s3/faqs/

How much control do I retain over my data?

You would typically retain control over your data but details are agreed during contractual process.

How often are backups made?

Backups are made daily and stored securely in Amazon Web Services. In addition, backups may be made periodically for maintenance purposes.

Is TalonFMS ISO certified?

Yes. TalonFMS has been externally audited by an independent UKAS accredited certification body and has achieved ISO 27001:2013 certification. Our Business System Manual is available to interested parties on request. Contact: [email protected]