CHAT

Let’s Parley …

Servers & Security

At Little Fire Digital we take privacy and data security seriously. All of our clients’ data is stored on secure, up-to-date servers. The software on which the servers run is regularly updated and access to any software other than those specifically required to provide website services (principally serving websites and email) is prohibited except from specified physical locations and to specific trained personnel. Client data is not stored on off-site devices.

The Little Fire offices are independently alarmed and secured behind multiple insurance grade doors. The estate on which they are located are highly secure being alarmed and continuously monitored by CCTV.

Servers

To prevent inappropriate access to our servers and the data stored thereon, Little Fire Digital implement the following:

  • Little Fire Digital will only host and maintain websites on servers which they lease directly from UK-based tier 1 data centres – details of the physical data-centre security are available on request.
  • For ease of management and optimum security, all our servers are maintained within a single VLAN (Virtual Local Area Network). Beyond the essential services and ports required to host a website (serving websites and email services), all access to the servers is denied by firewall to all but a specified set of IP addresses (physical locations which may include authorised staff members’ home addresses) and certain specific client processes.
  • Networks within the Little Fire Digital office are secured by industry-standard firewalls and security systems.
  • We run software to maintain the security status of all of our servers.

In the case of a serious vulnerability within the server system software patches are applied typically within a week of our providers becoming aware of it. Regardless of whether or not a website collects identifiable user data, all sites hosted by Little Fire Digital run exclusively behind an SSL (Secure Socket Layer) and the encrypted https:// protocol it supports.

Client Data

We attempt to hold the smallest amount of data possible. We store no credit card data. We share user data both about our clients and that owned by our clients with no one.


New websites are developed offline with dummy user accounts.


We do not keep offline copies of real user data except in cases where active development or specific troubleshooting requires it. Where, for whatever reason, development or troubleshooting is not possible using the developer database, a copy of the live database, including the personal data contained thereon will be downloaded, installed on the developer machine and used as the working database for the duration of the development only. It is contrary to company policy to maintain copies of live databases offline.


All data on our servers is automatically backed up on a daily basis. Data in the back up is maintained for 30 days, after which it is automatically deleted.

Cybersecurity Essentials

Little Fire Digital are have been independently certified as Cybersecurity Essentials – Certified Plus suppliers.

Cybersecurity Essentials - Certified Plus

Drop us a line