Security is at the core of our company ethos. Our founders, Kashif Barlas and Farhan Ghalib, are both seasoned technical and security professionals with years of experience in the Defence, Government and Financial sectors.
Kashif specialises in Data Security and Privacy. He has ensured that the service complies with GDPR and best practice Data Privacy standards. He brings a wealth of Strategy, Governance, Risk and Compliance expertise as a CISM and CRISC Certified member of ISACA, applying the essential regulatory requirements making the protection of your personal information our top priority.
Farhan is an expert in designing and delivering secure systems with the UK government. He works closely with NCSC colleagues to assess service security against multiple threat vectors. With his expertise, we have designed a reliable and secure system incorporating the latest encryption standards coupled with the necessary best practice security controls.
We maintain our website security controls in line with the National Cyber Security Centre’s 14 Cloud Security Principles to ensure that all aspects of the service meet the highest security standards.
Your personal information is protected using state-of-the-art technology, and through the law that requires us to provide full protection to your personal data. Your personal information is encrypted in flight and at rest ensuring that even if someone was able to get hold of the data, they would not be able to decipher it. We have implemented multiple layers of security with no external access to our database.
For your assurance, we only ask for minimal information when you register: a first name so that we can address you and an email address for contact and to allow you to sign in. We use a complex hash algorithm to protect your password and we implement multi-factor authentication (like the one-time-passcode -OTP) to ensure that you are the only one with access to your account.
SharedAffairs is hosted using the most secure cloud provider with Amazon Web Services. AWS supports more security standards and compliance certifications than any other offering, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, helping us satisfy compliance requirements for virtually every regulatory agency around the globe
We supplement AWS security with additional controls adhering to the AWS Shared responsibility model.