Hosting & Security

Our data infrastructure is provided by Millennia IT. Millennia only uses data centres in the UK so you are assured that your data will not be held globally.  All data centres are accredited to ISO9001:2008 and ISO27001:2013 and all have redundant 10Gbit/s fibre connections.

Only the authorised data centre staff are allowed access, and even Millennia staff have to book an appointment if they need to visit the facility. No other physical access is allowed.

Where is my data stored?

Our data infrastructure is provided by Millennia IT

Millennia only uses data centres in the UK so you are assured that your data will not be held globally.  

All data centres are accredited to ISO9001:2008 and ISO27001:2013 and all have redundant 10Gbit/s fibre connections.


Servers are located in the UK:

Leicester

DC4 Leicester, Iomart Hosting Ltd, 16 Berkley St, Leicester, LE1 4AT

Nottingham

Iomart Nottingham, 2-6 Fishergate, Nottingham, NG1 1FY

Millennia's server infrastructure benefits from:

Data Centre Traffic

All traffic is routed through the data centre’s barrier hardware firewall and scrubbed of many types of attacks before it reaches Purple Seven’s private firewall, let alone the network behind it. MillenniaIT monitors and reacts to attacks on this system as part of the general service to it’s customers.


The Millennia infrastructure that hosts the Purple Seven cloud employs a barrier hardware HA firewall which utilises an advanced threat model with Intrusion Prevention Services and a Layer 7 aware application traffic filter that scans traffic real time at up to 1Gbps.  It filters potential malware and exploit attempts before being forwarded to the Purple Seven specific internal firewall.


The internal firewall is from a different vendor to the external one, which helps mitigate traffic that may have been missed by the algorithms of the initial scan and helps capture more exploit attempts.

In both cases the systems are active Intrusion Prevention as opposed to detection in that they actively block identified malicious traffic as well as alert on it, and will protect against attacks such as cross scripting and SQL injection before they reach the webservers.

We have full DDoS mitigation for a volumetric attack in the tens of Gbps to stop the service being taken down by overwhelming the Internet connection with traffic.

Intrusion Detection

MillenniaIT constantly monitors our entire secure environment and responds to attacks detected by the hardware firewall.

Purple Seven receives immediate emails from the software firewall if an event has taken place that requires notification.

We receive a daily summary of the firewall activity via email.  Purple Seven Directors receives a monthly management executive report.

Firewall Logging

The firewall logs are held on the device and only deleted when the log partition looks like it will fill up.   We therefore  have the ability to retrospectively identify issues that may have occurred.

Secure Data Transfer

Our proprietary software application - the Daily Data Extractor (DDX) - is compatible with most ticketing systems in use in the UK. 

Overnight, every night it transfers customer and ticketing data from your ticketing server  - which might be hosted by your ticketing provider or local) to our secure servers.  

Data is extracted using the automated software from the ticketing database. You are able to restrict access to the database tables that we are allowed to read from. Software extracts data, encrypts and compresses before sending securely over SSL. Data is sent via SSL tunnel to a webservice hosted on our private domain. This is secured by an SSL certificate providing 2048 bit encryption.

On our servers, your organisation has its own database that can only be accessed by trained Purple Seven staff or by nominated members of your team through a front end application (if you have a subscription with us).