Security & Privacy
Security at Fluid
At Fluid, we prioritize the security of our platform and your data above all else. We prove our Security and Privacy to third party auditors. We are in the process of obtaining SOC2 Type II, and maintain ISO 27001:2013 certification through external audits and adhere to European and UK GDPR regulations. Additionally, we operate in alignment with ISO 9001 standards. Our infrastructure is designed with layers of protection to help ensure your data is secure while transmitted, stored, or processed. Protections include encryption, least privilege access, and secure software development practices. Below are some of the security practices and features we implement::
ISO 27001:2013 Certified: Fluid complies with the ISO 27001:2013 standard, an internationally recognized framework for information security management systems (ISMS). Our certification is validated through external audits.
GDPR Compliance: We fully adhere to European and UK General Data Protection Regulation (GDPR) standards, ensuring that your personal data is handled in compliance with legal requirements.
Cyber Essentials Certified: We hold Cyber Essentials certification, signifying our commitment to cybersecurity best practices and protection against cyber threats.
ISO 9001 Standards: Our commitment to quality extends to ISO 9001 standards, reflecting our dedication to providing excellent service and continuous process improvement.
Data Encryption: All data transmitted between your device and our servers is encrypted using industry-standard encryption protocols to maintain data privacy and security.
Authentication and Access Control: We use multi-factor authentication to verify user identities and maintain strict access controls.
Regular Security Audits: Our security team conducts regular audits and vulnerability assessments to identify and address potential security weaknesses.
Data Backups: We maintain regular data backups to prevent data loss and ensure business continuity.
Security Updates: Our systems are consistently updated with the latest security patches and updates to protect against known vulnerabilities.
Incident Response Plan: We have a well-defined incident response plan in place to promptly respond to and mitigate security incidents.
User Education: We provide resources and guidelines to help users maintain strong security practices, including password hygiene and data protection.
Customer Support: Our dedicated support team is available to assist you with any security-related concerns or questions you may have.
CLOUD HOSTING
At Fluid, we prioritize the security and integrity of your data. That's why we've chosen Microsoft Azure as our trusted hosting partner. Microsoft Azure's state-of-the-art data centers provide a robust foundation for Fluid, ensuring both security and compliance with international standards.
Secure Data Centers:
Azure's data centers are fortified with cutting-edge security measures. These facilities feature 24/7 surveillance, strict access controls, and physical barriers to safeguard against unauthorized intrusion. Your data is shielded from physical threats with the highest level of protection.
ISO Standards Compliance:
Microsoft Azure holds various ISO certifications that exemplify its commitment to security and best practices. The ISO 27001 certification, for instance, guarantees that Azure's data centers have implemented stringent security controls to shield data from unauthorized access and security breaches. In addition to ISO 27001, Azure also adheres to ISO 27017, which focuses on cloud security, and ISO 27018, dedicated to cloud privacy. These certifications affirm Azure's dedication to the secure handling of your data in the cloud.
SOC Audits:
Azure also regularly undergoes Service Organization Control (SOC) audits, further strengthening the security of Fluid. The SOC 1 audit evaluates controls related to financial reporting, which can impact financial statements when using Azure services. Additionally, the SOC 2 audit scrutinizes Azure's controls concerning security, availability, processing integrity, confidentiality, and privacy. This ensures that your application operates within a secure and compliant environment. For ease of reference, Azure's SOC 3 reports provide publicly available summaries of the SOC 2 audit, offering high-level assurance of the security and compliance measures in place.
Because Fluid is hosted on Microsoft Azure, you can rest assured that your data is housed in secure data centers that meet stringent ISO and SOC standards. This commitment to security and compliance allows you to focus on delivering top-notch service to your users while Azure takes care of the infrastructure's integrity and security. Your data is in safe hands with Fluid and Microsoft Azure.