Professional-level security baked right in
QuadrisCloud customers take advantage of process, technology and network architecture that has been purposefully constructed to meet the most stringent requirements of the most security-sensitive organisations across the UK, Europe and North America.
Protecting your organisation with …
Professionally trained & vetted employees
Security isn’t just a feature with QuadrisCloud; it’s the foundation of our entire technology stack. We integrate storage-at-rest encryption and data-in-transit encryption tech to keep you, your data, and your business safe and secure.
Industry-recognised & approved processes
With QuadrisCloud, you can easily increase or decrease the number of vCPUs, memory, storage, backup and more on a per VM basis, ensuring you only pay for what you are using.
The best technology implemented well
We’re not a faceless online organisation. Instead, you get direct access via phone and email to our UK-based support team, all of which are experts in cloud computing and can assist with any issues, no matter how complex.
Professionaly trained and vetted employees
We understand that security is paramount, which is why we prioritise hiring only the most qualified professionals who not only possess extensive expertise but also undergo rigorous training and vetting processes. Our unwavering commitment to excellence ensures that our team is equipped with the necessary skills and security clearances to safeguard your critical data and assets. With a diverse range of certifications and clearances, our staff are not only prepared to handle sensitive information but are also trained to adhere to the highest standards of cybersecurity practices.
This proactive approach fosters a culture of trust and reliability, allowing you to focus on your business while we expertly manage your cloud infrastructure with the utmost integrity and care.
Limited remote access to critical systems
Access to core QuadrisCloud management and maintenance systems is limited to approved members of the Quadris team, with access only available via a secure Citrix connection.
Government clearance
Selected Quadris employees have been cleared to UK Government Security Check (SC) clearance, providing them with uncontrolled access to Secret assets and supervised access to Top Secret assets.
Cyber Essentials Plus certified employees
All Quadris staff are Cyber Essentials certified, demonstrating our commitment to implementing fundamental cybersecurity practices and mitigating common cyber threats.
BSI-level recruiting as standard
Every Quadris employee is vetted to BS 7858:2019 standards, which details best practices and guidelines for the security screening of individuals employed within a security environment.
Selected NPPV level 3 clearance
Selected Quadris employees are cleared, where required, up to the UK National Police NPPV Level 3 standard, the highest level of clearance available, covering access to Police facilities and unsupervised access to confidential material and data.
Granular privilege as standard
Access to QuadrisCloud management and maintenance systems follows a Zero Trust guiding principal, providing access to users and teams on a granular privilege basis, based on their needs. This ensures teams only have access to the data they require, often on a read-only basis.
ISO 27001 ISMS trained staff
All Quadris staff are trained on our internal Information Security Management System (ISMS), which form part of our overall ISO/IEC 27001 accreditation. In addition to onboarding of new staff, all staff must also complete repeat awareness training throughout each year.
Industry-recognised & approved processes
When it comes to data management, we don’t cut any corners. For us, a robust and methodical process is paramount to safeguarding your information, which is why security is not just a priority but a fundamental principle woven into the very fabric of our operations.
With industry-leading frameworks such as SOC, ISO/IEC, and NHS DSP guiding our practices, we ensure that our data centres are fortified against potential threats, providing peace of mind for organisations that handle some of the most sensitive information. Coupled with our dedicated incident monitoring, alerting, and resolution systems, we proactively manage risks and respond to incidents swiftly, ensuring your data remains protected at all times.
Our commitment to excellence is underscored by our adherence to stringent standards, allowing you to focus on your core business while we expertly navigate the complexities of data security on your behalf.
SOC 1 and SOC 2 assessed
The QuadrisCloud data centres are independently assessed to SOC 1 Type II and SOC 2 Type II security levels, providing assurance about the controls and processes implemented specifically around the handling and security of financial data held within the platform.
ISO/IEC 27001 certified
Quadris treats the security of our customers and our own electronic assets with the upmost importance. We are certified to ISO27001:2013, a specification for an information security management system that is audited externally by ISOQAR.
ISO 22301 approved data centres
QuadrisCloud operates out of two UK-based data centres located (for resilience) in Manchester and London. Both sites are ISO Business Continuity Management Systems compliant (ISO 22301).
Secure hardware disposal
All physical server hardware and components are securely erased by dedicated, trained staff before being securely disposed of to UK Waste Electrical and Electronic Equipment (WEEE) recycling regulations.
ITIL-aligned management
Quadris are committed to aligning their IT processes to the Information Technology Infrastructure Library (ITIL) standard, specifically around the ITIL Security Management structure.
NHS DSP Toolkit Compliance
Quadris (organisation code is 8KK76) meet the stringent NHS criteria for information security and governance and are committed to completing the Department of Health’s Data Security and Protection (DSP) Toolkit on an annual basis.
Incident resolution and reporting
Incidents detected by the NOC are immediately reported to internal Security Operations Centre (SOC), who are tasking with resolving and reporting incidents.
Incident monitoring and alerting
Our internal Network Operations Centre (NOC) monitors all Quadris Cloud operations 24/7 to ensure the service is safe, secure and running as expected. The NOC team employ enhanced security monitoring tools across the business to detect and respond to security incidents promptly. This includes monitoring network traffic, system logs, and implementing intrusion detection and prevention systems (IDPS) across the QuadrisCloud platform.
The best technology implemented well
We leverage best-in-breed technology and rigorous processes to ensure that every aspect of our platform adheres to best practices in security and performance. Our secure login process is fortified by robust SSL encryption and two-factor authentication, creating a solid foundation that safeguards your data from the outset. We implement complex password protocols and maintain a meticulous Active Directory management system, ensuring that access is tightly controlled and monitored.
Moreover, our integrated Imperva Web Application Firewall acts as a vigilant sentinel, filtering all web traffic and protecting against threats in real-time. To enhance security further, our UK-based IP address allocation allows for precise geofencing, while our third-party monitoring facility guarantees around-the-clock vigilance, reinforcing resilience and peace of mind.
With QuadrisCloud, you are not just choosing a cloud service; you are embracing a secure, reliable, and expertly managed environment tailored to your needs.
SSL encryption as standard
SSL encryption ensures that the data transmitted between your web browser and QuadrisCloud remains private and secure. It prevents unauthorized parties from intercepting and accessing sensitive information such as your login credentials, credit card details, or any personal data we may hold.
2FA as standard for all users
Registration and general access to the QuadrisCloud platform requires every user to sign-in using 2FA as standard. The platform supports mobile authentication via either Google Authenticator or Microsoft Authenticator.
Complex passwords by default
All QuadrisCloud passwords are set to complex 16 character + string including symbols, numbers, lower-case, uppercase and excluding similar characters.
ACL-protected Active Directory
LAPS is used to manage all local administrator passwords for domain joined computers. Passwords are stored in Active Directory and protected by an ACL so only eligible users can read or request a reset.
Windows hardening
By default, the following services are disabled for all Windows services as they present various potential security threats: SMBv1, NetBIOS, LMHash, null enumeration and cached credentials.
Integrated Imperva Firewall
QuadrisCloud has industry-leading Web Application Firewall (WAF) from Imperva built directly into the platform, monitoring and filtering all web-based traffic.
UK-based IP addresses
All QuadrisCloud accounts allocate UK-based IP addresses, allowing your internal systems to be geofenced if required, adding an additional layer of protection and security.
3rd physical location for monitoring
QuadrisCloud is monitored 24/7 via a third data centre location, building in an extra layer of security and resilience.