Cloud Security
General
In anticipation of cloud security concerns - and due to the rising costs required to implement the proper security layers - we chose to use an established and trusted cloud partner as the host of our solution. ProWrite Cloud is built in Microsoft Azure using a combination of Microsoft Active Directory for authentication, Windows Server Remote Desktop Services for application platform, and Azure SQL for the database tier.
Microsoft Azure Trust Center
Please visit the Microsoft & Azure Trust Center for additional information around security auditing, compliance, physical security, and privacy in the data center.
https://www.microsoft.com/en-us/trust-center/product-overview
https://azure.microsoft.com/en-us/overview/trusted-cloud/
https://azure.microsoft.com/en-us/overview/trusted-cloud/compliance/
Our Implementation
The production environment is secured behind a firewall. Only the gateway role is visible to the Internet. Each layer is further subnetted away from the public. Data is private per subscribed company and encrypted at rest and in transit using Azure SQL.
Azure SQL backs data up at every point in time for a 28 day window.
Internal access
Internal access to data is on an as needed basis only. Our technicians maintain separate account credentials for standard system use vs administrative system use. Technicians are only granted access to customer data when it is needed to fulfill service orders.