Huddle confirms high-spec security procedures

This week it was announced the Belgian Federal Public Service (FPS) Social Security was using online collaborative management platform Huddle to help prepare for its Presidency of the EU, which started on 1 July.

At the time, Max Raets, policy officer at FPS Social Security, said the system offered accessibility for contributors “while at the same time enabling us to limit the accessibility of sensitive documents to specific users.” Despite increased levels of collaboration from contributors, one area that wasn’t addressed in the release was the security procedures in place at Huddle to enable secure working practices.

Huddle has now confirmed some of the procedures at the company and its hosting supplier, Rackspace, which it described to PublicTechnology.net as offering “some of the most highly specified data centres available today”.

As well as adopting redundancy systems, including backup power, the company ensures physical security of its UK data centres, including biometric scans, pass card systems, and video surveillance. According to Huddle, system and application security is in place with dedicated firewalls, independent penetration testing, Secure Socket Layer (SSL), and unique usernames and passwords – Rackspace has also attained ISO27001 certification.

The Huddle platform has also been tested (“rigorously” according to a spokesperson) against a variety of web application vulnerabilities including cross-site scripting and SQL injection. Crucially, the company has revealed “UK government departments have also performed their own inspections of Huddle’s office environment, processes, and hosting facilities in order to ensure that they can rely on our security measures.”