Security of our Hosted Systems

Pisys are certified under ISO 27001:2013, certificate number 618522 with the scope ‘Delivering Pisys’
range of software products and services ‘ You can check our registration with BSI Here

Our commitment to this standard means that we have been assessed for our compliance with the
most rigorous international IS security standard. The standard also requires a top-down commitment to Information Security, driven by the board and involving every staff group - security is baked into everything we do and we are rigorously audited by BSI to ensure that we are maintaining the high standards required

Our systems are hosted with Amazon Web Services. We generally use UK datacentres for customer data but this can be easily changed if necessary

All our systems are highly resilient with automatic failover in case of failure.
They are protected by state of the art firewalls and secure SSL encryption.
Our hosted systems are protected by role based logins – this means that users can only access the
areas of the system to which they have been given access by an administrator.
All data between browser and server is encrypted by SSL certificates.
Anti virus and anti malware systems further reduce the risk of downtime.

Data is backed up regularly in multiple locations, database mirroring is continuous to reduce the risk
of data loss.

Application Security
Our software development process emphasises Secure Development Lifecycle – this means that we
focus on mitigation of risk at each stage in development.