We’re proud to be ISO 27001 accredited for our information security. Being ISO certified means that you can be confident that ProspectSoft conforms to international standards and best practice to keep your data secure. Our processes and policies are kept under constant review and we undergo an independent annual audit to maintain our ISO certification. For more about our ISO certification, you can take a look at our News article here.
With Prospect 365, your data is encrypted "at rest" (in the database) and "in transition" (as it is transmitted to and from users across the internet). But, you will want your staff and customers to see that is secure. That's why we provide certificates as standard using 256-bit encryption with a 2048-bit key.
Prospect 365 is hosted in Microsoft Azure, Microsoft’s Global Cloud platform. With Azure, Microsoft has made an industry-leading commitment to the protection and privacy of data. Microsoft were the first cloud provider recognised by the EU's data protection authorities for their commitment to rigorous EU privacy laws. Microsoft Azure complies with ISO 27001 and was the first major cloud provider to adopt the international cloud privacy standard, ISO 27018.
We use Microsoft Azure and Amazon data centres that implement the highest levels of data security, redundancy and reliability. Prospect 365 services, running within Azure are all load-balanced with redundancy built in. They communicate across a private network within Azure and are secured by Azure’s AI (Artificial Intelligence) monitoring and protection systems. The Microsoft Azure data centres (where we run the Prospect 365 services) and the Amazon data centre (where we store your CRM and CMS backups) are both compliant with ISO 27001.
Prospect 365 runs on the Microsoft Azure Cloud for its power, security, scalability and reliability. But, it's not all about technology, it's also about the policies that protect the privacy of your data. Microsoft has adopted ISO 27018, the international cloud privacy standard and conforms to the latest EU privacy laws.
Independent automated systems monitor every aspect of our solution, from secure certificate expiry to the performance of individual services. We use independent experts to actively scan and report on PCI vulnerability tests and to perform regular network and software penetration testing.