Introduction

Our Security policies cover a wide range of topics including the following.

Access Security & Password Policy

Customer Data is stored in the cloud by one of the largest cloud storage firms in the world.  For security purposes, we deliberately do not name our could provider in this document.  Access to our cloud infrastructure is carefully controlled at different levels and we have adopted best practice access controls as advised by our cyber security advisors.

We have also enforced a password policy to ensure that customers enter a password that is not easily compromised to safeguard their data.

Infrastructure Team

Access to the cloud infrastructure is restricted to specific locations and user level access is further restricted to a limited number of key individuals, all who are governed by contracts of employment that contain confidentiality clauses.

Patching Policy

Our cloud provider is responsible for making available the latest patches to the server infrastructure and the application of those patches is controlled by our infrastructure team.

The UK Government provide us with regular communication altering our development team to update Fraud Prevention Headers to ensure that the security of our app that interacts with their system is aligned with their latest security policies.

Authentication Policy

Rhino software uses two-step authentication to control access to key infrastructure components.

Cybersecurity Policy

All computers and devices must have anti-virus software installed and must be always activated.

Incident response policy.

All incidents are escalated to the CEO Eugene Blaine who will direct the relevant teams and activities required to address the incident and mitigate the impact of the incident.

Physical access policy.

Rhino Software Limited do not use public offices and takes all reasonable precautions to safeguard company assets.