
Technology and Security
Cutting-edge technology and uncompromising security for your Insurance solutions.

We understand that robust technology and stringent security measures are paramount to delivering reliable and efficient insurance management solutions. Socrates Online is built using the latest development technologies and adheres to the highest security standards, ensuring that your business operations are seamless, secure, and scalable.
Server Platform
Socrates Online is hosted on Amazon Web Services (AWS), a leader in cloud infrastructure trusted by high-profile enterprises like Expedia and Netflix. AWS offers a scalable pricing structure, making it a feasible solution for systems of any size. The main AWS services we utilise include:
Elastic Cloud Compute (EC2)
For running web applications with high performance.
Simple Storage Service (S3)
For secure and scalable file storage.
Relational Database Service (RDS)
For efficient and reliable database management.

What software do we use?
Socrates Online is developed with a modern tech stack to ensure flexibility, performance, and maintainability.
Backend
-
PHP running on Nginx serves as our primary server-side language, supporting paradigms like inheritance, encapsulation, and polymorphism.
-
Laravel Framework: Built on PHP, Laravel offers a robust structure with tools for MVC, testing, ORM, and encryption.
-
Composer: Manages all PHP dependencies efficiently.
Database
-
PostgreSQL: An ACID-compliant database with multi-version concurrency control, ensuring reliable data management.
-
ORM: Utilises Doctrine (DataMapper pattern) or Eloquent (ActiveRecord pattern) to keep database queries and business logic separate.
Frontend
-
React: A powerful JavaScript library for creating reusable, state-aware components.
-
Redux: Maintains a consistent front-end state, acting as a single source of truth.
-
Bootstrap: Ensures responsive design across all devices with its grid-based framework and UI components.
-
Webpack & NPM: Manage front-end assets and dependencies seamlessly.
Development Practices
Security Standards
Addressing the OWASP Top 10 security risks to prevent common vulnerabilities.
CREST-approved penetration testing and PCI compliance checks to safeguard data integrity and security.
Data Protection
All data is transmitted over HTTPS (TLS 1.2).
User passwords are securely hashed using Bcrypt.
Sensitive data is protected with strict access controls and stored in secure, encrypted environments.
Coding Standards
Consistent coding styles ensures readability and maintainability.
QA Testing & Error Handling
Testing processes confirm functionality and catch potential issues early.
Graceful error handling ensures that sensitive information is never exposed to users.
Version Control & Deployment
Git is used for version-controlled source code management.
Controlled deployment processes prevent unauthorised changes and ensure system stability.

APIs
Socrates Online includes a versatile API (Application Programming Interface) designed to facilitate seamless integration with front-end interfaces and authorised affiliates. Our API supports three types of integration:
Direct API
-
Ideal for large agents looking to integrate Socrates Online products into their own systems.
-
Enables agents to gather quotation information on their side and query Socrates Online for pricing, maintaining the customer within their own system.
White Label
-
Suitable for small agents without the resources to integrate the full API.
-
Provides a fully branded version of the Socrates Online quote process, handling policy fulfilment seamlessly
Referral
-
Perfect for medium-sized agents with existing quote processes who wish to refer certain scenarios (e.g., medical cover) to Socrates Online’s white label.
-
Facilitates data transfer during redirection to maintain a smooth customer experience
API Guidelines
RESTful Web Services Utilises HTTP verbs for standard operations.
Secure Communication
Served over HTTPS to ensure data security.
Data Format
Adheres to the JSON-API standard for data interchange.
Resource
Identification: Uses UUIDs to reference resources uniquely.
Authorisation
Implements the OAuth2 framework for secure access.
Error Handling
Returns appropriate HTTP headers based on response status.
Security & Monitoring Partners
We collaborate with leading security providers and utilise state-of-the-art monitoring tools to ensure that Socrates Online remains secure, reliable, and compliant with industry standards. Our partners include:

Alert Logic
Provides advanced threat detection and response services, ensuring that potential security breaches are identified and mitigated swiftly.

Amazon Web Services (AWS)
Offers a secure and scalable cloud infrastructure, supporting our platform with robust compliance certifications and high availability.

Chaleit
Specialises in cybersecurity solutions, enhancing our system’s defense mechanisms against evolving threats.

Cloudflare
Delivers comprehensive DDoS protection and web performance optimisation, safeguarding our platform from malicious attacks and ensuring fast load times.

New Relic
Offers real-time performance monitoring and analytics, enabling us to optimise system performance and quickly address any issues.

Viking Cloud
Provides cloud services and security solutions, ensuring our data storage and processing meet the highest security standards.
