Our cloud infrastructure and system design has been built from the ground up with security, data isolation and integrity at the top of the agenda. We use instance-level isolation which means each customer instance runs in its own captured environment with its own database instance making it impossible for one customer instance to gain access to data in another customer instance. Hornbill is ISO/IEC 27001 certified and our data centers are SSAE16 Type II certified. View our Accreditations
Hornbill’s hosting platform is modular and portable. Our data center partner operates sixteen state-of-the art data centres in thirteen cities across North America, UK and Europe and has twenty one global network points of presence (PoPs). The highly secure, redundant IT infrastructure of our data centres protect your servers, and ensures you are getting service levels that are amongst the very best in the industry. All of our data centers are inter-connected with our secure, private backbone Supernetwork
Connections to Hornbill’s cloud environment uses TLS 1.0/TLS 1.2, using certificates verified by Geotrust, ensuring network traffic is encrypted and secure when being transported across the internet.
Hornbill ensures that its servers and operating systems are virus free and secure. However, cloud services also provide the ability for customers to upload content to our servers as part of the day-to-day usage. Content is typically file(s) attached to e-mails, calls and knowledge documents. Hornbill does not check uploaded content for viruses or perform any other content consistency; any file is simply treated as a passive block of data bytes. The Supportworks ESP PaaS solution protects itself from potentially unsafe content by ensuring that any content uploaded to the instance by our customers cannot be directly executed on our servers. In addition to this protection each customer instance runs in its own virtual environment which guarantees that it is not possible to cross-pollinate data between customer instances, making it impossible for one customer uploaded content to affect any other customer instance.
Our systems are consistently monitored at multiple levels for security and performance metrics. Our systems are built on a dual-network model where the “admin” network is separated from the “service” network. Access to the admin network is restricted with stringent security controls to ensure access is limited to authorised personnel from authorised locations. All security policies are operated at a minimum to the ISO27001 information security standard which itself is independently audited for compliance on a regular basis.