Overcast maintains and applies a Physical Access Control Policy (eg office building, data centre, etc) including 24  hour CCTV coverage of access points.

Access controls to protect against unauthorised disclosure of sensitive information are applied in production and non-production environments.

Overcast supports the integration with client’s identity and access management systems including single sign on and multi-factor authentication.

To access the overcast platform, user information is authenticated and Overcast:

  • Hides passwords typed on-screen
  • Logs the user’s timestamp, location and failed logins
  • Forces a password change on first login
  • Assigns a unique ID
  • Disables dormant accounts on a regular basis


All staff are required as part of their onboarding to read and accept guidelines around Data Protection and Privacy. Confidentiality agreements are in place with all clients as part of a standard contract. NDAs are also in place with all employees and contractors as part of their standard contract. Third parties employed to provide services to Overcast (Stripe, AWS) are all ISO27001:2013 compliant. Our information security adheres to GDPR Best Practice.

Access to data follows Identity by Design principles and the Principle of Least Privilege which provides access to the system and data on a per user / per need basis. There is a separation of roles (Superadmin, admin, user, collaborator) with granular controls to safeguard the access to sensitive data.

Scroll to Top

This website uses cookies to ensure you get the best experience on our website. To manage cookies, please refer to our Privacy Policy. Please note that you must "accept" the privacy policy to continue using this website. View the Privacy Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.