Security Overview

AAA i Services (UK) Limited, trading as iSolutionhub

Last updated: 12 September 2025

1. Introduction

Protecting the confidentiality, integrity, and availability of customer data is a core priority for AAA i Services (UK) Limited, trading as iSolutionhub. This Security Overview outlines our technical and organisational measures (TOMs) to safeguard data in line with the UK GDPR, industry standards, and customer expectations.

2. Infrastructure Security

  • Services hosted in secure data centres provided by leading cloud providers (e.g. AWS, Google Cloud).
  • Facilities protected with 24/7 monitoring, biometric access, and redundant power/network systems.
  • Logical segregation of customer data with strict tenant isolation.

3. Encryption

  • In transit: TLS 1.2+ enforced for all communications (HTTPS, SMTP with STARTTLS).
  • At rest: Sensitive data stored with AES-256 encryption or equivalent.
  • Key management: Managed through secure KMS (Key Management Services).

4. Access Control

  • Role-based access control (RBAC) applied across systems.
  • Multi-factor authentication (MFA/2FA) required for privileged accounts.
  • Principle of least privilege applied; access reviewed regularly.
  • Strong password policies and credential rotation enforced.

5. Monitoring & Logging

  • Centralised logging and monitoring of infrastructure, applications, and APIs.
  • Automated alerts for anomalous activity, failed logins, and suspicious behaviour.
  • Regular review of logs for security incidents.

6. Backups & Continuity

  • Regular encrypted backups of customer data.
  • Disaster recovery and business continuity plans tested periodically.
  • Redundant infrastructure to ensure high availability.

7. Secure Development

  • Applications developed following secure coding practices (OWASP Top 10 awareness).
  • Code reviews and automated vulnerability scanning integrated into CI/CD pipelines.
  • Third-party libraries regularly reviewed for known vulnerabilities.

8. Incident Response

  • Documented incident response plan (IRP) with clear escalation paths.
  • 24/7 monitoring for critical incidents.
  • Customers notified of notifiable breaches without undue delay.

9. Compliance & Certifications

  • Alignment with UK GDPR, Data Protection Act 2018, and applicable international standards.
  • Hosting partners maintain relevant certifications (e.g. ISO 27001, SOC 2, PCI-DSS for payment processing).

10. Shared Responsibility

Security is a shared responsibility. While we provide robust measures, customers are responsible for securing their own credentials, endpoints, and data inputs. We encourage strong password practices and use of multi-factor authentication wherever available.

11. Contact

AAA i Services (UK) Limited
Trading as: iSolutionhub
Email: info@leap-tel.co.uk
Website: www.leap-tel.co.uk