Security

Security Main Image

Secure by ethos

Security is at the core of our company ethos. Our founders, Kashif Barlas and Farhan Ghalib, are both seasoned technical and security professionals with years of experience in the Defence, Government and Financial sectors.

Kashif specialises in Data Security and Privacy. He has ensured that the service complies with GDPR and best practice Data Privacy standards. He brings a wealth of Strategy, Governance, Risk and Compliance expertise as a CISM and CRISC Certified member of ISACA, applying the essential regulatory requirements making the protection of your personal information our top priority.

Farhan is an expert in designing and delivering secure systems with the UK government. He works closely with NCSC colleagues to assess service security against multiple threat vectors. With his expertise, we have designed a reliable and secure system incorporating the latest encryption standards coupled with the necessary best practice security controls.

We maintain our website security controls in line with the National Cyber Security Centre’s 14 Cloud Security Principles to ensure that all aspects of the service meet the highest security standards.

Secure By Ethos
Protecting Personal Data

Protecting your personal data

Your personal information is protected using state-of-the-art technology, and through the law that requires us to provide full protection to your personal data. Your personal information is encrypted in flight and at rest ensuring that even if someone was able to get hold of the data, they would not be able to decipher it. We have implemented multiple layers of security with no external access to our database.

All data is kept in the UK with strict audit controls on administrative access to the environments. We do not sell your data for any reason, and we handle it only to provide you with the service you’ve registered to use. Our transparent and clear Privacy Policy gives you further details. If we need to use your data for any other reason, we do it only with your consent. We are registered with, and regulated by the UK Government Information Commissioner's Office, complying with UK and European policies on data privacy and protection.

Securing your identity

For your assurance, we only ask for minimal information when you register: a first name so that we can address you and an email address for contact and to allow you to sign in. We use a complex hash algorithm to protect your password and we implement multi-factor authentication (like the one-time-passcode -OTP) to ensure that you are the only one with access to your account.

Secure Your Identity
Secure Hosting

Secure partners and hosting

SharedAffairs is hosted using the most secure cloud provider with Amazon Web Services. AWS supports more security standards and compliance certifications than any other offering, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, helping us satisfy compliance requirements for virtually every regulatory agency around the globe

We supplement AWS security with additional controls adhering to the AWS Shared responsibility model.