Security Information

Company History

We are a real UK company (Company No. 3980207), with our head office based in Stafford employing 25 full time staff. We have been trading since 1995 and have been offering online file storage services since 2005. For more information, read more about us

Physical Safety and Security

Our servers are physically located within a UK based data centre. Access to the servers is protected by CCTV, virtual tripwires, photographic identification, security tag door entry and padlocks.

The equipment used to provide the service is owned by iWeb.

Your data, when stored on our servers, is always located within the United Kingdom.

Physical Security

  • Integrated digital video camera surveillance throughout the exterior.
  • Independent client-card identification access system.
  • Unified security-breach alarm with access monitoring. 24/7/365 manned.
  • Secure managed delivery and loading bays.


iWeb FTP servers are fed from two power sources: our in-rack UPSes and the main data centre power feed. The data centre feed is N+1 redundant, with its own UPS bank and diesel generator.


Monitored continuously from the Network Operations Centres, the fire detection and suppression systems minimise risk and suppress fires quickly to prevent problems from spreading.

  • High sensitivity smoke detection systems (VESDA).
  • VESDA immediately detects airborne heat and smoke particles, notifying the on-site facility staff before a fire has an opportunity to start.
  • Fully addressable two-stage fire detection system that monitors the underfloor, room and ceiling void space (smoke and heat).


The data centre utilises a robust heating, ventilation and air conditioning (HVAC) system which delivers stable air flow, temperature and humidity for efficiency equipment operation.

  • Minimum N+1 redundancy on chilled water-cooling system.
  • Fully concurrently maintainable, dual-path secondary chilled water.
  • Close Control Units (CCUs) provide conditioned air to the data vtttfloors at a minimum N+2 redundancy.

Accessing Your Data

All of your data, including backups, is stored encrypted at rest and our default access methods (FTP-over-SSL and HTTPS) support encryption in flight. We also support the SFTP (or Secure FTP) protocol.

Access to your data is only permitted to our vetted administration team and all activity is logged for your peace of mind.


To protect your data we:

  • Encrypt your data in flight using SecureFTP, FTPS and HTTPS
  • Encrypt your data at rest
  • Encrypt all backups at rest and in flight
  • Use industry standard 2048 bit Secure Socket Layer (SSL) certificates, and prefer 256 bit AES encryption.
  • Hash all passwords: they are never stored in plain text.

If you have the highest of privacy requirements, we recommend that you practice end-to-end encryption in addition to our service.

Operational Security

We blend security technologies to give us multilayer protection. On the perimeter, firewalls protect our servers from unwanted visitors. This is complimented with a bespoke layer of brute force protection.

We are registered with the Information Commissioner's Office (registration number Z7760712).

Resilience and Backup

Your data is spread in real-time across multiple physical branded storage arrays. This private cloud infrastructure protects us heavily against the loss of data.

Each night a snapshot of the array contents is mirrored to a backup array for disaster recovery purposes.

Online Payments

We tokenise your payment card details. At no point during any transactions do we have access to your card details.

All credit card information is stored in a PCI compliant payment system.