Security Built For Underwriting, Not Bolted On
The security of our platform is fundamental to how Addresscloud supports insurers operating in regulated, high-trust environments.
We design our services to ensure that data is secure, accessible and reliable at the point of decision.
Our Approach
Addresscloud is built on a simple principle: Data used in underwriting decisions must be secure, consistent and available in real time.
Our approach combines:
- enterprise-grade infrastructure
- continuous monitoring and improvement
-
transparent security practices
This ensures our platform can support:
-
underwriting workflows
-
exposure management
- portfolio and reporting systems
without compromising on security or performance.
Security & Compliance
We operate in line with recognised industry standards and frameworks.
ISO 27001 certified – independently verified security and risk management
FSQS Stage 2 supplier – approved for use by banks and insurers
Cyber Essentials certified – protection against common cyber threats
We have also transitioned to the latest ISO 27001:2022 standard, reinforcing our commitment to maintaining current, best-practice security frameworks.
Trust & Transparency
We believe security should be visible, not hidden.
Our Trust Centre provides customers and prospects with clear access to:
-
security policies
-
certifications
-
operational practices
Designed to simplify due diligence, it gives customers confidence in how we manage and protect data.
Data Protection
Addresscloud has strong processes in place to protect personally identifiable information, including customer records.
-
GDPR compliant and registered with the ICO
-
Data stored within the UK and EU
-
Strict controls on data access and handling
We ensure that data is:
-
protected at all stages
- accessed only when required
- handled in line with regulatory expectations
Platform & Infrastructure Security
Our platform is designed for reliability and resilience.
-
Hosted on Amazon Web Services (AWS) in UK and EU data centres
-
AWS environments with rigorous physical and operational security controls
-
Infrastructure aligned to ISO 27001 standards
This allows us to exceed the level required by enterprise insurers.
- high availability
- secure processing
-
scalable performance
Monitoring & Testing
Security is actively managed, not periodically reviewed.
-
Continuous vulnerability monitoring via CREST-approved providers
-
Annual penetration testing
-
Regular internal reviews and updates
Findings and updates are shared transparently through our Trust Centre.
Continuous Improvement
Security is not static. We invest continuously to:
-
evolve our Information Security Management System (ISMS)
- move towards real-time compliance monitoring
- strengthen our ability to respond to emerging threats
These improvements ensure we remain aligned with:
-
changing regulatory requirements
- evolving customer expectations
-
new security risks
Why It Matters
For our customers, security is not a standalone requirement.
It underpins:
- every underwriting decision
- every data interaction
- every system integration
Addresscloud provides a platform where:
-
data is secure
-
systems are reliable
- and decisions can be made with confidence
Request Access to Our Trust Centre
Explore our security policies, certifications and practices in detail.