Security Built For Underwriting, Not Bolted On

The security of our platform is fundamental to how Addresscloud supports insurers operating in regulated, high-trust environments.

We design our services to ensure that data is secure, accessible and reliable at the point of decision.

Our Approach

Addresscloud is built on a simple principle: Data used in underwriting decisions must be secure, consistent and available in real time.

Our approach combines:

  • enterprise-grade infrastructure
  • continuous monitoring and improvement
  • transparent security practices

This ensures our platform can support:

  • underwriting workflows

  • exposure management

  • portfolio and reporting systems

without compromising on security or performance.

Security & Compliance

We operate in line with recognised industry standards and frameworks.

ISO 27001 certified – independently verified security and risk management

FSQS Stage 2 supplier – approved for use by banks and insurers

Cyber Essentials certified – protection against common cyber threats

We have also transitioned to the latest ISO 27001:2022 standard, reinforcing our commitment to maintaining current, best-practice security frameworks.

Trust & Transparency

We believe security should be visible, not hidden.

Our Trust Centre provides customers and prospects with clear access to:

  • security policies

  • certifications

  • operational practices

Designed to simplify due diligence, it gives customers confidence in how we manage and protect data.

Data Protection

Addresscloud has strong processes in place to protect personally identifiable information, including customer records.

  • GDPR compliant and registered with the ICO

  • Data stored within the UK and EU 

  • Strict controls on data access and handling

We ensure that data is:

  • protected at all stages

  • accessed only when required
  • handled in line with regulatory expectations

Platform & Infrastructure Security

Our platform is designed for reliability and resilience.

  • Hosted on Amazon Web Services (AWS) in UK and EU data centres

  • AWS environments with rigorous physical and operational security controls

  • Infrastructure aligned to ISO 27001 standards

This allows us to exceed the level required by enterprise insurers.

  • high availability
  • secure processing
  • scalable performance

Monitoring & Testing

Security is actively managed, not periodically reviewed.

  • Continuous vulnerability monitoring via CREST-approved providers

  • Annual penetration testing

  • Regular internal reviews and updates

Findings and updates are shared transparently through our Trust Centre.

Continuous Improvement

Security is not static. We invest continuously to:

  • evolve our Information Security Management System (ISMS)

  • move towards real-time compliance monitoring
  • strengthen our ability to respond to emerging threats

These improvements ensure we remain aligned with:

  • changing regulatory requirements

  • evolving customer expectations
  • new security risks

Why It Matters

For our customers, security is not a standalone requirement.

It underpins:

  • every underwriting decision
  • every data interaction
  • every system integration

Addresscloud provides a platform where:

  • data is secure

  • systems are reliable

  • and decisions can be made with confidence

 

Request Access to Our Trust Centre

Explore our security policies, certifications and practices in detail.