Infrastructure

INLIST works via a web interface. All internet traffic to and from the application is encrypted by a 1024 bit secure socket layer (SSL). This ensures that no third party can intercept information being sent or received.

All stored information stored through INLIST is protected by ultra-secure 192 bit 3TDEA (triple key data encryption algorithm). A series of unique private keys are generated as part of the cipher to encode and decode information. Once data is encrypted and stored, only the person(s) with the “key” may view or edit the data.

The data itself is held on dedicated SQL servers in a secure data centre in the UK. The centre has multiple tier 1 internet connections to ensure 100% network uptime. Automated backups are made daily, and held at a separate data centre in a different location. In addition INLIST users can back up their records directly to their local PC or server at any time.

Our service level agreements (SLA) ensure that engineers are on 24x7x365 standby and monitor the system constantly, applying patches and updates where appropriate.

Application

A username, password and an encryption key are used to identify each user of the system. The username (usually the email address) and password combination are unique to each individual, while the encryption key is unique to each company.
 
When a company becomes a client, the system automatically generates an encryption key for that company, which is emailed directly to the client user. No one else, including INLIST staff, has access to the key.

The user can also set up one or more advisers on the system. Each adviser would have a unique username and password, but would share the same encryption key as the client user. For additional security, the encryption key is not automatically sent to the adviser, but must be communicated by the client user directly.
 
Advisers can view and edit their own insider records only. They cannot view the company’s own insider list, nor that of other advisers.  Where an adviser acts for more than company, they are required to keep separate insider lists for each company they advise.