Microsoft Azure's infrastructure includes:

• hardware
• software
• administrative staff
• operations staff, and
• physical data centres

Complyfile is able, through Azure, to addresses security risks across its infrastructure with:

• continuous intrusion detection
• prevention systems
• denial of service attack prevention
• regular penetration testing, and
• forensic tools

that help identify and mitigate threats.

24-hour monitored physical security

Microsoft datacenters are physically constructed, managed, and monitored 24 hours a day to shelter data and services from unauthorized access as well as environmental threats.

Monitoring and logging

Centralized monitoring, correlation, and analysis systems manage the large amount of information generated by devices within Complyfile's environment in the Microsoft Azure cloud platform, providing continuous visibility and timely alerts to the teams that manage the service.

Patch management

Security patches help protect systems from known vulnerabilities. Integrated deployment systems manage the distribution and installation of security updates for the Azure service.

Anti-Virus/Anti-Malware protection

Microsoft Antimalware is built-in to Cloud Services to help identify and remove viruses, spyware and other malicious software and provide real time protection.

Intrusion detection/Distributed Denial of Service (DDoS) Defense

Azure uses standard detection and mitigation techniques such as SYN cookies, rate limiting, and connection limits to protect against DDoS attacks. The Azure DDoS defense system is designed to withstand attacks from outside the system as well as attacks staged by other customers.

Penetration testing

Microsoft conducts regular penetration testing to improve Azure security controls and processes. Complyfile is also able to carry out authorized penetration testing on the Complyfile platform hosted in Azure.