Hornbill Security

Frequently Asked Questions (FAQ)

Q.

What If I need a copy of my data what is involved, and how frequently can I get hold of it?

A.

Firstly it's your data so by definition you are entitled to ask for a copy. Should you need a copy all you need to do is provide Hornbill with notice that you require this, typically no less than 14 days notice is required, and we will make available a copy of your data. Hornbill will provide a copy of your data by request once every 90 days at no additional cost. Your data will archived, compressed, encrypted and placed on our servers and you will be notified via email when its available and will have 7 days to download it to your servers. If you want these more frequently then you should consider the Hornbill Data Assurity service.

Should you require a more regular, scheduled push of your data we offer an optional chargeable subscription add-on service called Hornbill Data Assurity where we proactively archive and deliver a complete copy of your customer data to a cloud service of your choosing that you control (Amazon S3 for example) on a scheduled regular basis, typically once a month.

Q.

Who is entitled to ask for a copy of my data to be provided?

A.

Only the named Account Authority for your instance can make a request for a copy of your customer data to the Hornbill Cloud team. Any other requests will be referred back to the named Account Authority.

Q.

My security team have asked to know where the data is held?

A.

All data is held in the geographical legal entity associated with the instance. Therefore if your instance is in Europe your data remains in Europe, if your instance is in North America your data remains in North America.

Q.

Is the data encrypted and secure both in motion and at rest?

A.

Data is encrypted and remains secure at all times. Our choice of data centers, physical security, infrastructure\product architecture, automation, processes, and people ensure that information is protected. Backups are fully encrypted; data in motion is encrypted using SSL/TLS and the latest industry standards and strongest ciphers available; all data at rest is encrypted using AES256 or better. These security measures are applied equally for all customer instances and subscription levels.

Q.

Does Hornbill regularly undertake penetration testing against the service?

A.

Yes. As well as frequent tests undertaken by Hornbill we utilise external security companies to validate our results and services at least annually. Results of tests are available on request.

Q.

Under Data Protection legislation, my legal team want to know who will have access to the data?

A.

Access to data is restricted to your employees (with granular access rights available to limit subsets of data to different teams) and anyone you grant access to. The Hornbill cloud team have access to the servers\databases, however ISO requirements and processes mean that we would first need to obtain authorisation from your nominated contacts before accessing your instance data (All access to servers are logged and reviewed to ensure that this requirement is met).

Q.

How much storage do I get on my Hornbill instance, and what happens if I need more?

A.

By default your instance is automatically provisioned with 30GB of Storage. Additional storage is available should you require it and is charged at £0.20 per GB.

Q.

How long does Hornbill retain the data for if we cancel our subscription?

A.

In the event you choose to terminate your agreement Hornbill will retain your customer Data for a period of 30 Days from the Date of Termination. We will of course provide you with a copy of this data upon request in an industry standard machine readable format.

Q.

Does Hornbill perform background checks on personnel with administrative access to servers, applications and customer data?

A.

Yes.

Q.

What measures are in place for Data Transfer Security?

A.

All data in motion between instance and client (Web Browser) is encrypted via HTTPS\SSL. All other data in transit is encrypted via other secure protocols. No data is ever transmitted in clear text.

Q.

What Happens with Data Should we choose to leave

A.

Upon any termination, Hornbill shall use reasonable endeavours to assist in the migration of the Customer’s data and documents to another system within 20 working days. Such assistance to be subject to Hornbill’s terms for time and materials consultancy services and its associated standard day rates. Hornbill also agrees that such estimates for work will be reasonable and appropriate to the scale of request received for such data. Hornbill will delete (see below) the Customer Data between 30 and 60 days after the termination date. This includes all backups and data relating to those backups (Replications, Keys, Catalogs etc.

A SQL data dump will be provided of your instance (All SQL Create\Insert statements for your data) and copy of File Atthacments via Secure FTP within a password encrypted ZIP. An email is then sent to the primary technical contact for the instance containing information about the data drop along with the key required to unencrypted the content.

Q.

Delete v Wipe

A.

Hornbill does not simply "delete" data as this can be restored, we destroy data via wiping and this is achieved by overwriting all data blocks associated to a given file\logical volume or storage device firstly with 1s and then 0s. No data is left intact.

Physical disks (Used by underlying hardware not virtual disks that the instances run on) under go the same process as above and are then destroyed on premise with certificate of destruction obtained.

Q.

Is it possible to restrict access to my Hornbill instance by IP address ranges?

A.

In some enterprise environments its desirable to restrict access by source IP address. It is important that Hornbill's service is made up of two distinct layers, the presentation layer and the data layer. The presentation layer is the HTML content, this is shared amongst all customers and specifically has no customer-specific data served at this layer. The presentation layer is cached in a public cache (Cloudflare) for optimal global performance. It is not possible to restrict access to these caches via IP address range. The second layer, our data layer is all accessed via an API endpoint that is specific to your instance. For API access, Hornbill allows you to set one or more IP address matching rules, and if you have one or more rules set, only API calls that originate from IP addresses that match the rule(s) will be allowed. This functionality is only available for customers subscribed to the Enterprise Edition of the Hornbill Platform.

Setting an IP restriction will not prevent the UI pages from loading, but if your browser is not in an IP address range that are in your defined rules then you will not be able to log into, or access your instance.

It should be noted that by adding such restrictions, it is generally not possible to know the IP address(es) where mobile data comes from, so if you use IP address restrictions it is likely that you will not be able to use the Hornbill Mobile app unless wifi is enabled and your device gets allocated an IP address that falls within a rage that the rules you have created allows.

Hornbill Security Policy