The Bunker Protocol incorporates Physical, Human and Digital security capability and processes and wraps them with a governance and standards layer that ensures that client data and systems are continually secure and compliant.
The Bunker takes a multi-layered approach to physical security. Planned as a single entity, our counter-measures include perimeter fences, gates, lighting, CCTV and robust access control.
Our fully owned UK data centres are secure by design Located within purpose built ex-Ministry of Defence facilities, with 3m reinforced concrete walls, solid steel doors, and 24-hour CCTV – backed by visual verification of all persons entering, escorted access, and Electro Magnetic Pulse (EMP) and Tempest RFI intrusion protection.
Our facilities are also highly available, with auto-failover and replication across our two main sites combined with redundant power ensuring 100% uptime. We’re ISO 27001 accredited, PCI DSS certified and fully compliant with all 12 PCI DSS v3.2 requirements. All of our processes are Security Council controlled.
Our culture starts and ends with security. The Bunker uses pre-employment screening and includes security terms and conditions in our conditions of service. We also operate a personnel security review process and a formal process for managing staff leaving the business to ensure the highest level of security from a people perspective.
We build and integrate systems in-house, with the highest levels of security from the source code up – Hardened Windows, Unix and Linux environments, and up to four additional levels of security, each with full encryption.
The protection of Virtual Machines (VMs) is assured in a highly granular fashion, with capabilities including Stateful Firewall, Web Application Firewall, and Anti-virus; as well as Encryption services, Host based Intrusion Protection, Virtual Patching Technology, File Integrity Monitoring, and Security Incident and Event Management (SIEM).