Standards and compliance

We're compliant with NHS IGToolkit and Codes of Connection.

Our systems are hardened in accordance with industry best practice, monitored by an intrusion detection system (IDS) and replicated at multiple secure data centres over private layer-2 links.

Security should not be a split role. aql operates a dedicated 24/7 security team and all key staff hold British Government National Security Vetting clearances and Metropolitan Police Non-Police Personnel Vetting certificates. Our teams are SIA registered and government vetted to SC clearance level.

image: Security - confidentiality


All our services are delivered over secure and fully encrypted channels. These include our web portal and APIs. Industry standard encrypted protocols are used to protect the confidentiality of our customers' data before it traverses any public or private networks.

We support and assist with the installation of private links and virtual private networks (VPN) between our data centres and those used by our customers. Our web portal supports real-time deletion and encryption of SMS sent items to maintain confidentiality. All our email-based services support TLS as standard.


Our network is designed to be fault-tolerant and is load-balanced in a high-availability configuration. Underpinning the reliability of our network service lies a resilient, globally load balanced, multi-site presence across 10 data centres in London, Manchester and Leeds. Each of our sites has multiple connections to network service and transit providers, and a resilient MPLS core ring connecting each of our points-of-presence.

We proactively monitor millions of quality- and security-related metrics every day, including hardware, network and application layer attributes, to ensure systems are performing correctly and to defined standards. We offer a 100% availability SLA to all customers connecting to three or more of our points-of-presence.

image: Security availability
images: Security resilience


We use multiple-vendor resilient edge-routers on all our sites and operate industry standard fail-over protocols, allowing resilient peering to be achieved with our customers. Connections to mobile network service providers are made from least two of our points-of-presence, providing a high-level of availability.

In addition, our primary, secondary and tertiary sites are resilient for network connectivity, power, and cooling. We also operate resilient N+1 infrastructure (N+1 power, generation, UPS, fire detection, cooling and monitoring).


aql has been chosen by CERT-UK to establish and grow the Yorkshire and Humber CiSP (Cyber-security information Sharing Partnership) community. As the nominated champion of the Yorkshire and Humberside regional CiSP – a free national programme run by the Cabinet Office  and as part of our commitment to the region, we help companies across the North improve their own cyber protection.

All CiSP members are provided with the latest information and updates on cyberthreats and vulnerabilities by a joint government and analytical team, adding value to CiSP members and helping organisations reach cyber maturity. Over 2,200 organisations benefit from this, as well as over 6,100 individuals.

images: CERT-UK and CISP