Our security details

We know how critical data security is these days. Lead Onion’s platform is hosted by a UK-based data centre. The Lead Onion application is protected by a firewall, and data exchanged between you and the application is encrypted in transit. We use an independent third-party professional certification company to perform penetration testing to validate our data security policies and practices. See below for more details.

Does Lead Onion encrypt data in transit?

The connection to this site is encrypted and authenticated using a strong protocol (TLS 1.0, 1.1, 1.2), a strong key exchange (ECDHE_RSA with P-256), a strong cipher (AES_128_GCM) and 2,048-bit keys.

Is Lead Onion protected by a firewall?

Yes. Config Server Firewall (CSF) is an advanced firewall for Linux distributions and Linux-based VPS. In addition to the basic firewall function of filtering packets, CSF includes other security features, such as login, intrusion and flood detection.

Building

Four-floor building
Approximately 250 m² of hosting space (ground floor)
Loading/delivery docking area
Equipment scissor lift (2m x 1.4m)
BMS monitoring system monitored by Tagadab Support
24 x 7 environmental monitoring systems & power monitoring
A regular and meticulous maintenance schedule on all Data Centre infrastructure

Room

Heavy duty raised floor
Raised floor (height – 0.5m)
Door width (Minimum width 1.1m – loading bay, all other doors are 1.4m)
Door height (2.15m)
Roof height (excluding raised floor) – 2.45m
Anti-Static tiles with earthing straps attached to every under floor support

Climate

Average supply temperature: 22°C/72°F ± 2°C
Regulated humidity
2N cooling infrastructure
N+1 computer room air conditioning (CRAC) units with up to 90kW capacity
N+1 Chillers installed away from all client areas and fed via dedicated risers
Moisture detection sensors

Power

720kVA – Building power feed
2N power distribution to PDUs
Diesel driven generator with 3 days run time at full load
625 kVA Generator
200 kVA UPS with static and maintenance bypass
Voltage and frequency – 415/240 V, 50 Hz
Each cabinet has 2x IEC309 commando sockets positioned under the raised floor
Standard power distribution within cabinets (PDUs) is supplied as 12x C13 and 4x C19 sockets
Up to 7.5kW power supply per rack
32A MCCBs within PDUs

Security

Only authorised staff and registered customers are allowed on-site
Security zones using Smart-card access
Logging of all entries
Internal and external CCTV monitored in a security reception
24 x 7 x 365 Security & monitoring

Cabling and Connectivity

Power cabling under raised floor
Data cabling overhead
CAT 6 structured cabling
Scalable architecture including multiple redundant core switches and routers
Access to distinct fibre providers including: BT and Virgin

Fire Suppression

Gas fire extinguishing system
Very early smoke detection alert (VESDA)
Fire-retarding walls
Automatic smoke detection throughout Data Centre
Argon fire suppression system
Regular testing and evaluation of all systems

Penetration Testing & Vulnerability Testing

Lead Onion brings in industry-respected third-party penetration testing firms once a year to carry out full penetration testing on our products. The latest penetration test was carried out in June 2017 by Info-Assure, who are certified CREST security testers. We have stringent internal audit procedures to ensure compliance with the Data Protection Act. Our development team carries out vulnerability testing on an ongoing basis to identify and quickly respond to flaws.

Backups

We take full back-ups of the database 4 times per day to ensure that up-to-date and accurate data is available for restore in the case of disaster recovery. In addition, our data centre has full disaster recovery procedures in place in line with ISO 9001 and takes regular back-ups of the data on a daily basis.

Lead Onion is committed to ensuring that all data processing is carried out in line with the General Data Protection Regulation (GDPR).

We are committed to Data Protection by Design and Default and we continue to develop features which will assist companies in ensuring that their marketing campaigns comply with the GDPR.

The steps we have taken include but are not limited to:

  • Development of pre-built cookie templates with clear opt-out instructions for individuals
  • Development of pre-built privacy statement templates
  • Restrictions on SMS and email sends via the dashboard to individuals who have opted out of such communications
  • Centralised single customer view with full audit trail of all correspondence and touchpoints
  • Opt-in/opt-out traceability included within the single customer view, including the source and date of receipt of consent

Our Data Protection Officer (Michael Green) has completed the EU GDPR Practitioner Certification (ISO 17024-accredited) and is on hand to answer any GDPR-related queries. Please get in touch via dpo@leadonion.com.