Safely move on from COVID-19

We practice what we preach

We understand the importance of information security and treat your data as we do our own

UKAS Certified ISO 27001:2013

Alliantist, the organisation behind, is UKAS certified for ISO 27001:2013. That scope covers our whole organisation, the people in it and our services including

In terms of the supply chain, our data centre partners are also world class and have the same or equivalent accreditations too. Data is stored in UK datacentres. Other suppliers that need to, also have their own certified ISMS or follow our policies and controls.

See Our ISO 27001 Certificate

Pan UK Government Accreditation and PSN Certification

Alliantist also delivers services to meet high levels of information security which means our overall practices go beyond the scope of ISO 27001.  In fact, Alliantist was the only supplier of its type that achieved Pan UK Government Accreditation for its government clients when that was required for early GCloud frameworks.  We still work to those high standards and hold PSN Certification.

We have also met the requirements for the original HMG Security Policy Framework and the related policies and controls as part of the pan-government accreditation of another product in the Alliantist suite, the pam platform. These include undertaking Baseline Personnel Security Standard (BPSS) checks and other vetting on new hires in addition to the other UKAS certified ISO 27001:2013.

GDPR Compliance

We follow the UK Information Commissioner’s Office (ICO) checklists for the General Data Protection Regulations and Data Protection Act 2018. These are a comprehensive set of 120 activities which demonstrates that we handle personal data responsibly and in accordance with the law.

2-Factor Authentication offers 2-factor authentication (2FA) for its customers. All Alliantist staff also operate with 2FA on (where offered) for all services they need to deliver and support

Single Sign-On (SSO) supports Single Sign-On using SAML 2.0 and our list of supported identity providers is ever-growing. Examples of supported identity providers include Google, Microsoft Azure Active Directory and Okta.

Penetration Testing

The platform undergoes at least an annual penetration test in line with CHECK testing standards and also has further tests whenever there is a material change. has also been rated A+ by independent checks using the Qualys review process for the SSL inspection.


In the unlikely event that things go wrong, you can be confident that we have insurance for Professional Indemnity for Technology Companies, Public and Products Liability, Employers’ Liability, as well as Cyber and Data Crisis Containment.

Cyber Essentials

The organisation has achieved Cyber Essentials certification in line with the IASME standard.

Cloud Security Principles

Alliantist works to the Cloud Security Principles advocated by the National Cyber Security Centre NCSC.

Terms and Conditions for use of

See our terms and conditions for use – these also document other data protection safeguards we have ​implemented in line with the requirements for GDPR.

Support Policy

See our Support Policy

99.5% up time – usually 100% reliability

24/7/365 availability with internet access

Deal with humans for any support issues