Customer data is kept secure by a combination of:
- technological safeguards, such as encrypted communications, and
- operation processes
By using Microsoft's Azure cloud services platform, Complyfile is able to leverage the flexibility of Azure to implement additional encryption and key-management.
Data in transit
Azure uses industry-standard transport protocols such as SSL and TLS between user devices and Microsoft data centers, and within data centers themselves
Data at rest
Complyfile's job is to for ensure that data stored in Azure is encrypted in accordance with our standards. Azure offers a wide range of encryption capabilities up to AES-256, giving customers the flexibility to choose the solution that best meets their needs. Options include .NET cryptographic services, Windows Server public key infrastructure (PKI) components, Microsoft StorSimple cloud-integrated storage, Active Directory Rights Management Services (AD RMS), and BitLocker for data import/export scenarios.
Azure is a multi-tenant service, meaning that multiple customers' deployments and virtual machines are stored on the same physical hardware. Azure uses logical isolation to segregate each customer's data from that of others. This provides the scale and economic benefits of multitenant services while rigorously preventing customers from accessing one another's data.
When customers delete data or leave Azure, Microsoft follows strict standards for overwriting storage resources before reuse, as well physical destruction of decommissioned hardware.