This document outlines the security approach we implement when developing platforms. Security is built in from day one, not added later. Every platform is designed to be secure by default, enabling users to operate with confidence while we handle the complexity behind the scenes.
We implement passwordless login to remove the risks associated with traditional passwords.
- How it works: Users receive a secure, single-use login link via email whenever they need to access platforms.
- Why it matters: Access is tied directly to control of the user's email account. When that account is hosted with a modern provider such as Google Workspace or Microsoft 365, which support strong controls like two-factor authentication, login is as secure as the email account itself. It also removes password-specific risks such as password reuse and brute-force guessing.
Session management is configured with strict security controls to prevent data leakage or misuse.
- Restricted scope: The session cookie is scoped to the platform's own site and is not sent on requests that originate from other websites.
- Script protection: Cookies are inaccessible to client-side scripts, reducing the risk of theft via malicious code.
- Encrypted transport: All data is transmitted over HTTPS, encrypting it in transit between the user's browser and the platform.
Sensitive data is never stored in a readable format.
- One-way hashing: Critical data such as login tokens is transformed with a one-way hash into irreversible digests, so a stolen copy of the stored value cannot be turned back into a usable token.
- Injection prevention: All database interactions keep query structure separate from user-supplied values, so malicious input cannot manipulate queries or expose data.
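As an added illustration (not code from the platforms this page describes), the following Python sketch shows how the passwordless login above and the one-way hashing of login tokens fit together: the emailed link carries a random token, the store keeps only its SHA-256 digest, and redemption marks the token used so it is single-use and time-limited. The class, method names and 15-minute lifetime are assumptions.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime of a login link


class MagicLinkStore:
    """Issues single-use login tokens and persists only their digests."""

    def __init__(self, clock=time.time):
        self._clock = clock  # injectable for testing expiry
        # digest -> (email, expires_at, used); the plaintext token is never stored
        self._records = {}

    @staticmethod
    def _digest(token: str) -> str:
        # One-way hash: a leaked record cannot be reversed into a valid token
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, email: str) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        expires_at = self._clock() + TOKEN_TTL_SECONDS
        self._records[self._digest(token)] = (email, expires_at, False)
        return token  # goes into the emailed link only

    def redeem(self, token: str):
        """Return the email for a valid, unused, unexpired token, else None."""
        digest = self._digest(token)
        record = self._records.get(digest)
        if record is None:
            return None
        email, expires_at, used = record
        if used or self._clock() > expires_at:
            return None
        # Burn the token before returning so a replayed link fails
        self._records[digest] = (email, expires_at, True)
        return email

    def stores_plaintext(self, token: str) -> bool:
        """True only if the raw token leaked into storage (it should not)."""
        return token in self._records
```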
A granular permissions system ensures users only access what they need.
- Access is assigned based on role and responsibility.
- This minimises risk by limiting exposure of sensitive data and functionality.
Additional safeguards operate at the browser level to prevent common attack methods.
- Clickjacking prevention: Platforms cannot be embedded in malicious overlays designed to trick users.
- Content enforcement: Browsers are instructed not to guess a file's type and to honour the declared one, so a malicious file disguised as a harmless type is not executed as script.
To protect against automated attacks and system abuse, request throttling is applied.
- Login attempts and key actions are limited within defined time windows.
- This reduces the risk of brute-force attacks and service disruption.
Systems are designed to fail safely.
- Users see simple, non-technical error messages.
- Detailed diagnostics are securely logged for internal review only, ensuring no sensitive system information is exposed externally.
All emails and notifications are sent through a secure, API-driven delivery service designed for reliability and protection.
- Messages are sent via encrypted API connections and delivered over TLS.
- Domain authentication is enforced using DKIM signing, SPF validation, and DMARC policies.
- Delivery is handled through trusted, high-reputation infrastructure with full tracking.
- Why it matters: Emails are authenticated, tamper-resistant, and reliably delivered to the intended recipient. This reduces the risk of spoofing, interception, and messages being flagged as spam, while providing full visibility over delivery and performance.
Comprehensive audit logging is built into platforms to provide full visibility over user activity and system changes.
- Key actions such as logins, data changes, and administrative updates are recorded automatically.
- Each event is timestamped and linked to the responsible user, creating a clear and traceable history.
- Logs are stored securely and are protected against tampering.
- Why it matters: Audit trails provide accountability, support compliance requirements, and make it easier to investigate issues or suspicious behaviour. They ensure complete transparency over how platforms are used and how data is accessed or modified.
This approach ensures platforms remain secure, resilient, and aligned with modern best practices, without introducing unnecessary friction for users.