Security Compliance at MyPC

MyPC offers two different deployment options: a locally installed version and a cloud hosted service. This Security Compliance specifically governs the use of the cloud hosted MyPC service.

Security Compliance at MyPC

Everyone at MyPC (Info Technology Supply Ltd trading as MyPC, a company incorporated in England and Wales under number 2230502 whose registered office is at 2 Hobbs House, Harrovian Business Village, Bessborough Road, Harrow, HA1 3EX, United Kingdom and its authorised resellers who may contract with a customer) takes compliance with obligations in data protection and other legislation relating to data security seriously and understands its significance  both to customers and partners. For this reason, MyPC have obtained independent third-party auditor certification for ISO 27001.

This page sets out MyPC security measures and should be read in conjunction with MyPC Privacy Policy and related documents on the MyPC website including Data Privacy & Security FAQs and Data Privacy at MyPC documents.

Security Best Practices at MyPC

At MyPC we take great pride in our information security program and are dedicated to its continual improvement.

User Account Security

Product Access Control
A subset of MyPC's personnel has access to the service and to customer data via managed interfaces. The intention of providing access to a subset of personnel is to provide effective customer support, troubleshoot potential problems, detect, and respond to security incidents and implement data security.

Encryption
MyPC uses 256-bit AES encryption at rest in addition to securing network communication with TLS 1.2 for encrypting data in transit. Any passwords stored are HASHED one way.

Change Management

  • Peer code reviews: every change of MyPC is peer reviewed whether it’s a new feature or bug fix. Security reviews are performed as appropriate.

  • Regular code audits for security.

  • Robust unit testing.

  • Regular penetration testing.

Cloud Security

MyPC uses Microsoft Azure as its cloud service provider and leverages Azure's security and compliance controls for data centre physical security and cloud infrastructure. Further resources can be found on the website.

Monitoring & Logging

Availability
The MyPC service utilises automatic Azure availability services, MyPC maintains a Status page.

Logging
MyPC maintains a comprehensive log of all workflow actions. Actions are logged internally for troubleshooting, support, and planning purposes.

Vulnerability Management

Threat Detection
MyPC has enabled threat detection software and enforces continual threat modelling exercises to identify and plan for any vulnerabilities in our environment.

External Penetration Testing
MyPC undergoes an external penetration test by an independent third party on a monthly basis, new vulnerabilities are scanned daily.

MyPC regularly updates its security measures. Users should make regular reference to this page for the latest position as this Security Compliance summary is updated from time to time.