Motif puts your security and data first by using world-leading security solutions to secure our service.

Overview

Motif manages sensitive information for our clients throughout the U.K. We understand that our customers expect us to protect their data with the highest standards and are committed to providing them with a highly secure and reliable environment. Our security model and controls are based on international standards and industry best practices. 

How do we secure your data?

Our systems are hosted on multiple Availability Zones at Amazon Web Services. This allows us to provide a reliable service and keeps your data available whenever you need it.

These data centres employ leading physical and environmental security measures, resulting in highly resilient infrastructure. For more information about their security practices, see below:

AWS Security Page

Application Security

Motif implements a security oriented design in multiple layers, one of which is the application layer. The Motif application is developed according to the OWASP Top 10 framework and all code is peer reviewed prior to deployment to production. Motif developers go through periodic security training to keep them up-to-date with secure development best practices.
 

Infrastructure Security

Another layer of security is the infrastructure. As stated, Motif is hosted across multiple AWS Availability Zones. Furthermore, our infrastructure is protected using multiple layers of defence mechanisms, including:

  • Firewalls for enforcing IP whitelisting and access through permitted ports only to network resources

  • A web application firewall (WAF) for content-based dynamic attack blocking

  • DDoS mitigation and rate limiting 

  • Comprehensive logging for audit trails.

Data Encryption

Motif encrypts all data both in transit and at rest:

  • Traffic is encrypted using TLS 1.3 with a modern cipher suite, supporting TLS 1.2 at minimum

  • User data is encrypted at rest across our infrastructure using AES-256 or better

  • Credentials are hashed and salted using a modern hash function

External Security Audits

Independent third party assessments are crucial in order to get an accurate, unbiased understanding of your security posture. Motif conducts security tests on an annual basis both in the application and in the infrastructure level using well-known, independent auditors. 

 

Motif's last independent audit was undertaken in December 2019 by a Crest Accredited company

Physical Security

Motif is a cloud-based company, with no part of our infrastructure retained on-premise. Our physical security in the offices include personal identification based access control, CCTV and alarm systems.

Motif's data centers are hosted on Amazon Web Services, where leading physical security measures are employed.

Disaster Recovery and Backups

Motif is committed to providing continuous and uninterrupted service to all its customers. We consistently backup user data every 5 minutes. All backups are encrypted and distributed to various locations, where they are retained for 30 days.

Our Disaster Recovery Plan is tested regularly to assess its effectiveness and to keep the teams aligned with their responsibilities in case of a service interruption.

Security Awareness and Training

Motif understands that its security is dependent on its employees. Therefore, all our employees undergo thorough information security awareness training during onboarding.

Training

  • LinkedIn
  • Spotify

Motifpm Ltd. 2020 Copyright. All rights reserved. Company Reg. 11763195