1. Current and planned security measures
Current and planned security measures include:
- Encryption of data in transit using industry-standard protocols.
- Encryption of data at rest where supported by underlying infrastructure.
- Role-based access controls.
- Secure authentication processes.
- Activity logging and monitoring.
- Controlled access to customer environments.
- Principle of least privilege for system access.
- Regular review of suppliers and infrastructure providers.
As Loop evolves, we intend to continue strengthening our security programme through:
- Independent penetration testing.
- Vulnerability assessments.
- Security policy development.
- Incident response procedures.
- Disaster recovery planning.
- Security awareness training.
- Alignment with recognised security frameworks.
2. Compliance roadmap
Loop is currently being developed with consideration for:
- UK GDPR.
- Data Protection Act 2018.
- PECR (Privacy and Electronic Communications Regulations).
As the platform grows, we intend to work towards additional security and compliance standards where appropriate, including:
- ISO 27001 alignment.
- Cyber Essentials / Cyber Essentials Plus.
- Formal penetration testing programmes.
- Supplier security reviews.
- Enhanced audit and monitoring controls.
3. Infrastructure and hosting
Loop is built using established cloud and software providers selected for reliability, security and scalability.
Customer information is protected using security controls provided both by Loop and by trusted infrastructure partners.
We continuously review our architecture and controls as the platform evolves.
4. Responsible disclosure
Security is an ongoing process rather than a one-time achievement.
Where security issues are identified, our aim is to investigate, prioritise and remediate them appropriately and in a timely manner.