Application security

The application has been built with security and reliability in mind. More than 90,000 organizations in more than 180 countries, including 70 per cent of UK central government departments, use Huddle to securely manage projects, files and people in the cloud.

Huddle encrypts all data exchanged with the server to industry standard levels as well as authenticating the server itself to the user.

Huddle has multiple levels of security.

There is the physical security of our data centre which is operated by Rackspace. The servers are in secure facilities and our primary data centre is ISO 27001 accredited. The facility has restricted access and 24/7 monitoring.

Then there is the network security. Servers are hosted behind sophisticated firewalls, with a protected perimeter. We carry out penetration testing on an ongoing basis, and have had formal penetration testing commissioned on a number of occasions by third parties.

Thirdly, application security is ensured as workspace managers have full control over which documents are available to be viewed by who. All restrictions on workspaces and files make sure that files can are only ever seen by those who are supposed to see it.

Huddle certificates:

• SSAE16/ISAE 3402: The controls, processes and policies that protect data in our systems have successfully completed a SSAE16/ISAE 3402 audit.
• Huddle is approved for use by UK government departments, up to IL2. Huddle is used by over 60% of UK central government departments including Cabinet Office, Ministry of Justice and Department for Business, Innovation & Skills.

Encryption: All transmissions to and from Huddle including sign-on are encrypted at 256-bit through SSL via HTTPS. All data is replicated in real time to our secondary data centre for disaster recovery.