Login

SECURITY AND COMPLIANCE

This article describes how Cloudiway, built on Windows Azure, provides a secure environment for your migrations and identity management.

Security
Service Organization Control

Windows Azure secure environment

Microsoft’s public auditor Deloitte has issued a Service Organization Control (SOC) 2 Type 2 report for Windows Azure in security, availability, and confidentiality trust principles:
https://www.microsoft.com/en-us/trust-center/compliance/compliance-overview

Security and compliance

Cloudiway leverages Windows Azure certifications and attestations to provide assurance to our customers regarding the security of the infrastructure, network, and physical security layers of Cloudiway’s cloud.
Business merger issues

Security

Physical and logical protection against unauthorized access.

Business merger issues

Availability

The system is operationally available for use as committed or agreed.

Business merger issues

Processing integrity

System processing is complete, accurate, timely, and authorized.

Business merger issues

Confidentiality

All information is classified and protected as committed or agreed.

Business merger issues

Privacy

Personal information is collected, used, retained, and transferred as committed or agreed.

Business merger issues

Data Processing Addendum (“DPA”)

available online , when the GDPR applies to the use by Customer of the Services to process Customer Data (as defined in the DPA).

Physical Security

The entire environment is hosted in Windows Azure which follows SOX recommendations to physically secure access to the datacenters.

USA customers: EastUS data center
Other regions: NorthEurope data center
For more information, please contact us.

Customer Segregation

By default, since Cloudiway platform is a SaaS application, the platform is shared between customers.

However, each customer project is logically separated and given its own Azure SQL database. Cloudiway is able to provide a dedicated environment to customers who require dedicated environments.

Systems access controls
  • Access to the platform is protected by a login-name/password combination.
  • Passwords are hashed in a non-reversible way using the SHA-256 algorithm and are not stored on our internal system.
  • Once logged in, customers have access only to their set of information.
Patch antivirus scanning
  • Up-to-date antivirus software is installed in every computer.
  • Servers are automatically patched by Microsoft in Windows Azure.

Data encryption

Customer data are encrypted using the AES-256 algorithm.

Azure SQL databases use default Transparent Data Encryption for all data at rest.

SSL and HTTPS

Communication between client browsers and Cloudiway servers takes place over SSL.
Migration data and IAM data are exchanged over SSL between the cloud providers (ie Google Apps, Office 365, Sales Force, etc…) and the Cloudiway servers.

Data destruction

Confidential customer information is never stored outside of the Windows Azure infrastructure and is automatically destroyed after 90 days of inactivity, or sooner if requested.

Logging

Cloudiway ensures that the appropriate level of logging is implemented at the application level, database level and operating system level, necessary for analysis and investigation in case of an incident or issue.

Logs are backed up daily and retained for 90 days.

In-depth security of the platform

This article describes how Cloudiway, built on Windows Azure, provides a secure environment for your migrations and identity management.

Find out more
cloudiway white
Cloudiway provides innovative solutions
For efficient data migration and enterprise coexistence. A smart ally to master each transition to the cloud and ensure productivity and high business performance.
 

Follow Us

Facebook-f Twitter Youtube Linkedin-in

Quick Links

CLOUDIWAY DEVELOPS A SAAS PLATFORM THAT ALLOWS INFORMATION TECHNOLOGY BUSINESSES TO MIGRATE MAILBOXES, FILES, DRIVES, GROUPS, TEAMS, CONVERSATIONS, AND MORE BETWEEN DIFFERENT TENANTS AND COLLABORATION TOOLS.

© 2023. All Rights Reserved.