Standards and compliance

aql holds full ISO27001:2013 compliance across all products, services and data centre sites. We're compliant with NHS IGToolkit and Codes of Connection.

Our systems are hardened in accordance with industry best practice, monitored by an intrusion detection system (IDS) and replicated at multiple secure data centres over private layer-2 links.

Security should not be a split role. aql operates a dedicated 24/7 security team and all key staff hold British Government National Security Vetting clearances and Metropolitan Police Non-Police Personnel Vetting certificates. Our teams are SIA registered and government vetted to SC clearance level.

image: ISO and NHS security standards
image: Security - confidentiality

Confidentiality

All our services are delivered over secure and fully encrypted channels. These include our aql.com web portal and application programming interfaces (APIs). Industry standard encrypted protocols are used to protect the confidentiality of our customers' data before it traverses any public or private networks.

We support and assist with the installation of private links and virtual private networks (VPN) between our datacentres and those used by our customers. Our aql.com web portal supports the real-time deletion and encryption of SMS sent items to maintain confidentiality. All our email based services support TLS as standard.

Availability

Our network is designed to be fault-tolerant and is load-balanced in a high-availability configuration. Underpinning the reliability of our network service lies a resilient, globally load balanced, multi-site presence across ten datacentres in London, Manchester and Leeds. Each of our site has multiple connections to network service and transit providers, and a resilient MPLS core ring connecting each of our points-of-presence.

We proactively monitor millions of quality- and security-related metrics every day, including hardware, network and application layer attributes, to ensure systems are performing correctly and to defined standards. We offer a 100% availability SLA to all our customers connecting to three or more of our points-of-presence.

image: Security availability
images: Security resilience

Resilience

We use multiple-vendor resilient edge-routers on all our sites, operating industry standard fail-over protocols, allowing resilient peering to be achieved with our customers. Connections to mobile network service providers are made from least two of our points-of-presence, providing a high-level of availability.

In addition, our primary, secondary and tertiary sites are resilient for network connectivity, power, and cooling. We also operate resilient N+1 infrastructure (N+1 power, generation, UPS, fire detection, cooling and monitoring).

CiSP

aql have been chosen by CERT-UK to establish and grow the Yorkshire and Humber CiSP (Cyber-security information Sharing Partnership) community. As part of aql’s commitment to work with businesses in our Region, we are helping all companies to improve their own cyber protection in our role as the nominated champion of the Yorkshire and Humberside Regional CiSP – a free national programme run by the Cabinet Office.

All CiSP members are provided with the latest information and updates on cyberthreats and vulnerabilities by a joint government and analytical team, adding value to CiSP members and helping organisations reach cyber maturity. Over 2,200 organisations benefit from this, as well as over 6,100 individuals.

images: CERT-UK and CISP