Information Security Policy
Date: February 2026
Classification: External - Public
1. Introduction
At SafeSight Global, security is not an afterthought - it’s foundational.

We understand the critical nature of the work our customers do and the sensitivity of the information shared on the Safeguard Pro platform. That’s why we’ve embedded security into every layer of our architecture, development lifecycle, and operations.

From secure coding practices to rigorous testing and continuous monitoring, Safeguard Pro is built to safeguard your data, ensure system integrity, and withstand evolving cyber threats.

Our security controls are aligned with the ISO 27001 international standard for information security management, providing a robust and recognised framework for how we protect customer data and manage risk across the platform.

In addition, SafeSight Global is actively progressing a roadmap towards SOC 2 Type II compliance, reinforcing our commitment to meeting the highest standards of security, availability, and confidentiality.
Our security posture reflects our commitment to providing a trusted, resilient, and secure environment for our customers.
2. Our Security Commitment
SafeSight Global is committed to protecting the confidentiality, integrity, and availability of customer data processed by the Safeguard Pro platform. This commitment is embedded in our organisational culture, technical architecture, and operational processes.
3. Platform Security Controls
The following sections outline the key security controls and practices implemented across the Safeguard Pro platform.
3.1 Strong Identity & Access Management
Safeguard Pro enforces robust identity and access management to ensure only authorised individuals can access the platform and its data. Our approach includes:
- Role-based access control (RBAC) ensuring users only access the data and functions relevant to their role.
- Multifactor authentication (MFA) enforced across all user accounts.
- Integration with enterprise identity providers, including Single Sign-On (SSO) via providers such as Microsoft Entra ID.
- Principle of least privilege applied across all system access.
3.2 End-to-End Encryption
All data processed by Safeguard Pro is protected using strong encryption standards to ensure that sensitive information remains confidential and secure at all times. This includes:
- Encryption of all data in transit using TLS 1.2 or higher.
- Encryption of all data at rest using AES-256 or equivalent standards.
- Secure key management practices to protect cryptographic material.
3.3 Secure Development Practices
Security is integrated throughout our software development lifecycle (SDLC). Our development process includes:
- Threat modelling during the design phase to proactively identify risks.
- Secure coding practices aligned with industry standards such as the OWASP Top 10.
- Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) integrated into our CI/CD pipeline.
- Regular peer code reviews with a security focus.
- Dependency and vulnerability scanning of third-party components.
3.4 Continuous Monitoring & Threat Detection
Safeguard Pro is continuously monitored to rapidly detect and respond to security events. Our capabilities include:
- Real-time monitoring of platform infrastructure and application logs.
- Intrusion detection systems (IDS) to identify anomalous behaviour.
- Centralised log management and security event correlation.
- Defined incident response procedures to mitigate risks and maintain platform integrity around the clock.
3.5 High Availability
Safeguard Pro is designed for high availability to minimise downtime and ensure service continuity, even during periods of high demand or disruption. This is achieved through:
- Distributed infrastructure across multiple availability zones.
- Autoscaling to dynamically allocate resources in response to demand.
- Load balancing to distribute traffic and prevent single points of failure.
3.6 Redundancy & Failover
The platform is designed for resilience, featuring built-in redundancy and seamless failover mechanisms to maintain continuity during failures or disruptions. This includes:
- Redundant infrastructure components to eliminate single points of failure.
- Automated failover processes for critical services.
- Regular backup and recovery testing.
- Business continuity and disaster recovery planning.
