Secure and compliant DAM software

Asset Bank is run by our dedicated in-house infrastructure experts, on industry-leading Amazon Web Services infrastructure.

Both Amazon Web Services (AWS) and Asset Bank DAM are certified to ISO27001:2022, so you can trust that your assets are in safe hands.

Book a demo

Asset Bank security features

Global reach

We have data centres in the EU, US, CA, ME, AP and AUS, so you can choose the region most suited to your requirements.

Integrity

Our hosting partner, AWS, is a world-leading provider of cloud servers and storage, renowned for their comprehensive compliance suite. Your digital assets are stored in AWS S3, which stores data with a redundancy rate of 99.999999999%.

Data protection

Our practices are fully in line with EU GDPR regulations, and so are our suppliers, which we use to help deliver Asset Bank to you.

ISO 27001:22

As an ISO 27001:2022 accredited company, we have the controls in place to effectively manage your assets using the three pillars of data protection – confidentiality, integrity and availability.

Availability

Asset Bank’s cloud hosting means that resources scale as you need them, so you can store as much data as you need, without having to worry about disk space. Our service uptime SLA is 99.9%, and our scheduled maintenance windows are all in the middle of the night, for the region in which your application is installed.

Expertise

Our in-house infrastructure experts manage and support the entire platform, giving your IT team one less system to worry about while providing access to experienced, specialist support.

Confidentiality

Asset Bank’s security is baked in right from the initial designs of any new feature. Our developers are trained in secure coding practices, and our secure development lifecycle policies ensure that testing and peer reviews are carried out on all changes made to the product. We also use an ongoing programme of automated vulnerability scanning and manual penetration testing from an accredited third-party.

View all features

Cloud hosting details

Physical security

AWS’s physical security measures at their datacentres are some of the best in the world: CCTV, intrusion detection, redundancy, fire detection and suppression, and leakage detection to name a few. More detail can be seen on their website.

Backups

Even with AWS’s excellent record of data redundancy in S3, we use an entirely different set of S3 buckets to store your backups.

Any asset you upload to Asset Bank will be instantly replicated to this secondary bucket, where it will be safely stored until 90 days after you remove the original asset from Asset Bank.

Our comprehensive disaster recovery strategy also means that database and application backups are taken regularly so that we can restore your entire application with a Recovery Point Objective (RPO) of, maximum, twelve hours.

Network security

Access to any technical system at Asset Bank is granted in line with our ISO-compliant access control policies, utilising roles-based access and the principle of least privilege.

To gain access to our AWS cloud environment, the connection must be made from our own IP address using a secure, encrypted tunnel. And, in a world of hybrid working, our VPN is managed so that only approved devices may access our networks.

Business continuity

Our Asset Bank security management team is trained in – and tests – our ISO-compliant business continuity plan to make sure that, in the event of a disaster, we are able to resume our service as soon as possible. But with your data in AWS and our distributed workforce, we’re minimising the risk of any one event affecting our service in any way.

Encryption

When you access Asset Bank via your web browser, your connection is secured with HTTPS encryption, ensuring your activity remains private and protected from interception.

Our certificates use Let’s Encrypt to automatically re-issue expiring certs, and you can choose a custom domain for your app too.

Your digital assets, stored in AWS S3, and the metadata in the database, is encrypted at rest. This means that, even if your data was compromised in any way, it would not be readable by the threat actor. All backups are also encrypted in transit and at rest.

Dedicated DAM hosting

If you have bespoke security requirements, we understand that you might want to host your Asset Bank on a dedicated server. We partner with AWS to provide fully backed-up EC2 virtual servers, which we fully manage for you.

View Asset Bank dedicated server hosting service

Get in touch

Security vulnerability management and disclosure policy

Asset Bank is committed to fixing serious security vulnerabilities promptly and carefully.

In order to protect our customers, we require that vulnerabilities be disclosed responsibly and reported to us in confidence.

Vulnerabilities should not be disclosed publicly before we have investigated them and, if necessary, released a fix.

How to report a security issue

Please email support@assetbank.co.uk

Please provide enough detail to allow us to reproduce and investigate the issue quickly, including:

Step-by-step instructions to reproduce the issue
Affected version
Affected configuration (e.g., operating system, browser, other software involved, settings)

Our response

When we receive a vulnerability report we will:

Acknowledge receipt of the vulnerability report
Investigate the report
If necessary, develop a fix for the vulnerability
When security fixes are released, notify subscribers to our security mailing list

We can't wait to show you Asset Bank in action!

Book your demo today