Security & Compliance
Security without compromise.
Liquify's infrastructure security goes beyond certification. From bare-metal isolation and access controls to continuous monitoring and ISO/IEC 27001:2022 compliance — security is embedded in how we operate.
ISO/IEC 27001:2022
Certified
Bare-Metal
Infrastructure
UK-Based
Operations
24 / 7
Monitoring
How we protect your infrastructure
End-to-end security across every layer.
Security at Liquify covers the full stack — physical hardware, network, access, data, and operations. These are not aspirational commitments; they are part of how the business runs under our ISO/IEC 27001:2022 certified management system.
Infrastructure Security
Our bare-metal server estate is hardened with network-level DDoS mitigation, firewalls, intrusion detection, and strict network segmentation. No shared cloud tenancy — your workloads run on dedicated hardware we own and operate.
Access & Privilege Control
Access to systems and sensitive information follows a least-privilege model. Roles are reviewed regularly, access is removed promptly when no longer required, and all privileged operations are authenticated appropriately.
Data Protection
Data in transit is protected using TLS. We apply a structured approach to information classification, storage, and retention — collecting only what is operationally necessary and applying appropriate controls throughout the lifecycle.
Vulnerability Management
Our infrastructure and applications are subject to ongoing vulnerability assessment and periodic penetration testing. Findings are tracked, prioritised, and remediated in line with our risk management process.
Monitoring & Incident Response
We maintain continuous visibility across infrastructure through active monitoring and alerting. A defined escalation and incident response process ensures issues are identified, contained, and reviewed with appropriate speed.
Business Continuity
Critical services are designed with redundancy in mind. We maintain business continuity and disaster recovery plans, reviewed as part of the ISMS, to ensure resilience and defined recovery objectives for operational disruptions.
Physical & Network Security
Bare-metal. No shared tenancy.
Liquify owns and operates its own bare-metal server infrastructure across multiple geographic locations. There is no shared cloud tenancy — each deployment runs on hardware we control directly, giving physical and network isolation that cloud-based providers cannot offer by design.
- Proprietary bare-metal server estate
- Network-level DDoS mitigation and firewall rules
- Strict network segmentation between workloads
- Geographically distributed for resilience
- Physical access controls at all data centre locations
Certified by NQA to ISO/IEC 27001:2022. Certificate details available on request.
Request certificate detailsISO/IEC 27001:2022
Certified. Audited. Continuously improved.
Liquify Ltd's Information Security Management System is certified to ISO/IEC 27001:2022 by NQA. The certification is not a one-time exercise — it requires annual surveillance audits and a full recertification cycle, meaning our security controls and governance are subject to independent review on an ongoing basis.
Standard
ISO/IEC 27001:2022
Certified Entity
Liquify Ltd
Management System
Information Security Management System
Certifier
NQA
Responsible disclosure
If you believe you have found a security vulnerability affecting Liquify's infrastructure or services, please contact us. We will acknowledge your report and work to address valid findings promptly.
Frequently Asked Questions
Is Liquify certified to ISO/IEC 27001:2022? +What does this certification apply to? +Does Liquify use shared cloud infrastructure? +How do I report a security issue? +Can I request a copy of the certificate or additional assurance documentation? +
Explore More From Liquify
Move from security and compliance into the related Liquify pages that buyers, operators, and partners usually review next.
