Data security is our highest priority.
Keeping our client data secure is at the heart of everything we do. We are certified against the world’s most rigorous Information Security Management System (ISMS) standard, so you can remain assured that we store your data safely.
International compliance: ISO 27001:2013
We are one of only 400 Australian businesses and organisations to have been successfully certified against ISO 27001:2013. As the leading global standard for developing and maintaining an ISMS, certification ensures our team is following best practice to:
- Protect client and employee information
- Manage risks to information security effectively.
Achieving certification against ISO 27001:2013 requires a stringent audit process and is reviewed annually.
The SwiftFox team also operates under Australia’s only industry legislated privacy code, and is a member of the Australian Data and Insights Association (ADIA)
Data always stored in Australia
Our data is hosted in secure data centres in Australia through Microsoft Azure, providing our clients with safety, security and scalability.
Azure’s architecture is adjusted for the cloud environment in order to ensure 99.99% availability even in the cases of infrastructure failures. It also ensures:
- Auto scalability
- High resiliency and fast geo-recovery
- Advanced data corruption protection
We are constantly reviewing and updating our systems to the latest versions to protect against vulnerabilities, and modifying our code to make use of new and better methods.
Policy transparency
We believe the most critical component of security comes from our daily actions. Therefore we operate on a least-risk basis, isolating data and keys as far as is practicable.
Our development machines are isolated from production code and data, and we regularly review incoming and outgoing logs in search of anomalies.
We share our policies with our clients, so you always know we are keeping your data safe. Our data security team is also able to answer any additional questions you have.
Two-factor authentication available
Audit logging of all user actions and logins
Key systems penetration tested