Security & Trust

Security is foundational
to everything we build

At Foods Connected, protecting your data and ensuring the reliability of our platform isn't a feature — it's the foundation on which our entire service is built.

Hosted on Microsoft Azure
Our Approach

A multi-layered approach to security

We apply security thinking at every layer of our platform — from the infrastructure we run on, to how we write and test code, to how we respond when things go wrong.

Cloud Infrastructure

Our platform runs entirely on Microsoft Azure, with geo-redundant architecture across multiple European data centres for high availability and resilience.

Access Control

All accounts are secured with Multi-Factor Authentication and conditional access policies, managed through enterprise-grade identity services.

Secure Development

Security is embedded throughout our development process, with automated vulnerability scanning and dedicated penetration testing by accredited third parties.

Data Resilience

Multiple backup strategies — including point-in-time restore and long-term retention — protect your data, with automated recovery testing to ensure integrity.

Change Management

All production changes undergo formal review and approval, with strict access controls limiting who can make changes to our live environment.

Compliance

We maintain ISO 27001:2022 and Farm Safe Data certifications, holding ourselves to recognised global standards for information security.

Infrastructure

Built on Azure, designed for resilience

Our platform is hosted on Microsoft Azure, one of the world's leading enterprise cloud providers. We leverage Azure's European data centres, with geo-replication providing failover capability should any regional disruption occur.

Development and test environments are fully isolated from production, ensuring no unapproved changes can impact live operations. Our infrastructure is provisioned as code, giving us consistent, repeatable, and auditable deployments.

This architecture benefits directly from Microsoft Azure's own extensive compliance certifications and built-in security capabilities.

Platform Highlights

  • Microsoft Azure cloud hosting
  • Geo-replication across European regions
  • Isolated development & production environments
  • Infrastructure provisioned as code
  • Automated security monitoring & threat detection
  • Enterprise identity management with MFA
Data Protection

Your data, carefully protected

We apply multiple layers of protection to ensure customer data is secure, available, and recoverable. Our databases benefit from Azure's managed infrastructure, including automated backups with point-in-time restore capabilities.

In addition to cloud-native backup, we maintain external copies of critical data on encrypted storage, providing an additional layer of redundancy beyond a single cloud provider.

Recovery procedures are tested regularly to verify that our backup data remains complete and restorable, so we're always prepared in the event of an incident.

Data Resilience

  • Point-in-time database restore
  • Daily incremental backups
  • Weekly, monthly & annual long-term retention
  • Encrypted off-cloud backup copies
  • Automated restore testing
Development & Testing

Security built in, not bolted on

We embed security practices throughout our development lifecycle, from the first line of code to production deployment.

Static Analysis

All code commits are automatically scanned for security vulnerabilities before they can progress, catching issues as early as possible.

Dynamic Testing

Before any release reaches production, dynamic testing in our staging environment validates that no new vulnerabilities are introduced.

Penetration Testing

Our platform is subject to annual penetration testing by independent third-party providers, with findings remediated according to severity and used to inform continuous improvement.

Certifications & Compliance

Independently verified, continuously maintained

Our certifications reflect a genuine, ongoing commitment to information security — not a one-time exercise.

British Assessment Bureau ISO 27001 Information Security Management certification badge, UKAS accredited, certificate number 8289
Certified

ISO 27001:2022

We are certified to the latest version of the international standard for information security management, demonstrating that our controls meet globally recognised best practices for protecting data.

Farm Data Safe certification logo
Certified

Farm Safe Data

We hold Farm Safe Data certification, underscoring our commitment to responsible and secure handling of data within the food and agriculture industry.