This article describes how Cloudiway, built on Windows Azure, provides a secure environment for your migrations and identity management.
Microsoft’s public auditor Deloitte has issued a Service Organization Control (SOC) 2 Type 2 report for Windows Azure in security, availability and confidentiality trust principles: http://azure.microsoft.com/en-gb/support/trust-center/compliance/
Cloudiway leverages Windows Azure certifications and attestations to provide assurance to our customers regarding the security of the infrastructure, network, and physical security layers of Cloudiway’s cloud.
The entire environment is hosted in Windows Azure which follows SOX recommendations to physically secure access to the datacenters.
By default, since Cloudiway platform is a SaaS application, the platform is shared between customers.
However, Cloudiway is able to provide a dedicated environment to customers who require dedicated environments.
Customer data are encrypted using the AES-256 algorithm.
Communication between client browsers and Cloudiway servers takes place over SSL.
Migration data and IAM data are exchanged over SSL between the cloud providers (ie Google Apps, Office 365, Sales Force, etc…) and the Cloudiway servers.
Confidential customer information is never stored outside of the Windows Azure infrastructure and is automatically destroyed after 90 days of inactivity, or sooner if requested.
Cloudiway ensures that the appropriate level of logging is implemented at application level, database level and operating system level, necessary for analysis and investigation in case of an incident or issue.
Logs are backed up daily and retained for 90 days.