Standard and compliance
aql holds full ISO27001:2013 compliance across all products, services and datacentre sites. We're compliant with NHS IGToolkit, Codes of Connection. We also provide services for government up to HMG Infosec IL5. All our datacentres are also PSN sites.Our systems are hardened in accordance with industry best practice, monitored by an intrusion detection system (IDS) and replicated at multiple secure data centres over private layer-2 links.
All our key staff members hold British Government National Security Vetting clearances and Metropolitan Police Non-Police Personnel Vetting certificates. Security should not be a split role. aql operate a dedicated 24/7 security team.
Our teams are SIA registered and also Government Vetted to SC clearance level.
All our services are delivered over secure and fully encrypted channels. These include our aql.com web portal and application programming interfaces (APIs). Industry standard encrypted protocols are used to protect the confidentiality of our customers' data before it traverses any public or private networks.
We support and assist with the installation of private links and virtual private networks (VPN) between our datacentres and those used by our customers. Our aql.com web portal supports the real-time deletion and encryption of SMS sent items to maintain confidentiality. All our email based services support TLS as standard.
Our network is designed to be fault-tolerant and is load-balanced in a high-availability configuration. Underpinning the reliability of our network service lies a resilient, globally load balanced, multi-site presence across ten datacentres in London, Manchester and Leeds. Each of our site has multiple connections to network service and transit providers, and a resilient MPLS core ring connecting each of our points-of-presence.
We proactively monitor over 600,000 quality and security related metrics every day, including hardware, network and application layer attributes, to ensure systems are performing correctly and to defined standards. We offer a 100% availability SLA to all our customers connecting to three or more of our points-of-presence.
We use multiple-vendor resilient edge-routers on all our sites, operating industry standard fail-over protocols, allowing resilient peering to be achieved with our customers. Connections to mobile network service providers are made from least two of our points-of-presence, providing a high-level of availability. In addition, our primary, secondary and tertiary sites are resilient for network connectivity, power, and cooling. We also operate resilient N+1 infrastructure (N+1 power, generation, UPS, fire detection, cooling and monitoring).
aql have been chosen by CERT-UK to establish and grow the Yorkshire and Humber CiSP (Cyber-security information Sharing Partnership) community. As part of aql’s commitment to work with businesses in our Region, we are helping all companies to improve their own cyber protection in our role as the nominated champion of the Yorkshire and Humberside Regional CiSP – a free national programme run by the Cabinet Office.
All CiSP members are provided with the latest information and updates on cyberthreats and vulnerabilities by a joint government and analytical team, adding value to CiSP members and helping organisations reach cyber maturity. Over 2,200 organisations benefit from this, as well as over 6,100 individuals.
How we can help you
Many of our services are provided into banking, healthcare and other stringent industries. We provide our clients with tailored information security consultancy and support to ensure that any solution we provide is demonstrably secure to any third party accreditation. If you are interested in engaging aql's information security and assurance consultants, or our penetration testing team, please get in touch.