Data Protection

We use multiple methods to ensure security and GDPR compliance. These are just some of them:

  • data encryption in transit and at rest
  • strict access control to persisted data, 2 factor authenticated
  • strict access control to the cloud subscriptions, 2 factor authenticated
  • access based on renewable, authenticated API keys
  • “data separation”, or technically data source identification
  • limited data retention
  • regular code vulnerability scans, both for activities and backend
  • regular penetration tests
  • automatic vulnerability updates as part of Azure’s Platform as a Service
  • various abuse and DDoS detection and mitigation techniques such as SYN cookies, rate limiting and connection limits
  • 24x7 SRE and Security team
  • secrets, such as encryption keys, are managed, stored, rotated, and transmitted securely through the Azure Management Portal
  • GDPR compliance
1 Like