Continuous monitoring
Our security controls are monitored continuously through automated checks, complemented by internal and external audits. Infrastructure health and security signals are tracked on operational dashboards.
Logging
- Server and security event logs (including network flow logs) are collected centrally.
- Object-storage server access logging is enabled.
- Access to logging storage is restricted to authorised users only.
- Logs are retained to support investigation and audit: infrastructure logs for at least 12 months.
Alerting
- Automated log alerting is enabled.
- Intrusion detection is enabled across our cloud infrastructure, with notifications configured so our team is alerted to suspicious activity.
- Operational alerts cover compute, database, load-balancer and message-queue health.
Integrity
Clocks across our infrastructure are synchronised, so log timestamps are consistent and reliable for investigation. Administrative account activity is attributable to individuals (non-repudiation).