Network & Environment Segmentation
Our network architecture is designed to isolate sensitive workloads and minimize the potential impact of security incidents.
Defence in Depth
We implement multiple layers of network security controls to protect against both external threats and potential internal compromises. This approach ensures that even if one layer is breached, additional protections remain in place.
VPNs & Virtual Private Clouds
Our platform uses virtual private networks (VPNs), virtual networks (VPCs or equivalent) and network-security groups/ACLs to minimise lateral movement and isolate sensitive workloads.
Firewalls & Intrusion Detection
Firewalls, intrusion detection/prevention systems (IDS/IPS) and logging guard the network perimeter and internal segments.
Encrypted Service Connections
Connections between services (frontend ↔ API, API ↔ database) are restricted to only those required, and encrypted in transit.
Network Security Controls
- Segmented network zones for different sensitivity levels
- Network traffic monitoring and anomaly detection
- Strict firewall rules limiting inter-service communication
- Regular network security assessments
- DDoS protection and rate limiting