TransparentChoice - Security Overview
Our customers often make strategically important or sensitive decisions using our product. We have a duty to protect your information and this document sets out some of the ways we do it.
Security is a journey that never ends, yet we feel that our approach already provides a higher level of security than many enterprise environments.
NOTE: This page is TransparentChoice Limited confidential information. Please do not share it with anyone not covered by our non-disclosure terms and only share it with people who need access to this information.
World-class infrastructure & compliance
Our application and all your data reside on Microsoft’s Azure platform. This allows us to leverage Microsoft’s world-class security processes and infrastructure. This includes;
- Physical security (video cameras, security personnel, secure entrances, staff vetting, etc.)
- Threat management (DDoS, anti-malware, penetration testing, behavioural analytics, anomaly detection)
- Transparent compliance reports including ISO 27001 and 27018, PCI DSS, SOC, GRC, ENS and FedRAMP
- In addition to testing the infrastructure layer, we also regularly test our application against ISO 27001 standards, AZURE CIS 1.1.0 and PCI DSS 3.2.1, SOC TSP.
By default we use Microsoft Azure cloud infrastructure provisioned in data centers located in the USA. Other geographic locations are available at an additional charge. Please contact us using this address to find out more: contact@transparentchoice.com
Keeping your data secure
Your data is important so we encrypt your data at all stages. And that’s not all...
- The data between your web browser and our servers is encrypted using 256-bit encryption.
- We use continuous and automated data discovery and classification . We identify confidential data, personal personal data, etc. This allows us to use the appropriate protection mechanisms for those data types. For example, passwords are protected by one-way encryption, hashed with brute-force search-resistant algorithms (BCrypt).
- All customers’ data is also encrypted at rest; all our storage services are encrypted in real-time with keys managed by Microsoft.
- We perform periodic data deletion to ensure that we are not storing sensitive data for longer than is necessary.
- Our access to customers’ data in the database is limited to just two people, reducing the chances of human-driven data theft.
- Native multi-tenant architecture ensures nobody else sees your data. User-name and password-driven filtering ensures that nobody else sees your data.
- Our claim-based authorization mechanism within the database ensures that every interaction with the data is secure and is logged.
- We block/disable any insecure ways to access data and services in our data center. For example, it’s not possible to connect to our application or data servers with an unsecured link even from within TransparentChoice.
Penetration testing and infrastructure updates
Working with Microsoft Azure gives us a number of advantages in the area of security. Azure Security Center provides tools, information and support to:
- Strengthen security posture, policies and procedures
- Protect the whole infrastructure with natively integrated security mechanisms
TransparentChoice uses Microsoft’s world-class Intrusion Detection and Intrusion Prevention systems (IDS/IPS). In addition, Microsoft Azure allows us to ensure firewalls and antivirus are up-to-date. In addition, security patches are automatically applied, often on the same day that vulnerabilities are announced.
Monitoring access and availability
Monitoring allows us to ensure both availability and security remains high. All key resources including all storage services and databases are monitored with Azure Monitor.
We have real-time access to logs, metrics and alerts for all key resources which helps us understand the health, operation & performance of our solutions. Moreover our diagnostics and telemetry capabilities let us react to and troubleshoot problems quickly. Our automated tools alert us to any critical conditions.
- A log of administrative activity ensures we can track any inappropriate activity.
- Security alerts ensure we can respond quickly to any attacks or breaches.
- Service availability alerts and automation ensures our team can respond quickly to any problems.
- Regular external checks provide security recommendations to our operations team.
- Policy enforcement ensures that everything is set up appropriately. This includes access, infrastructure set-up, geo/location policies and more.
- Autoscale capabilities mean we can react quickly to changes in demand for our services.
- Resource health monitoring allows us to track the status and health of resources in any data center we use.
- Access control for all types of users is powered by Azure Active Directory. This gives us high confidence when authenticating users, helping keep data safe.
Recovering from disasters
It’s a crazy world and bad things can happen despite all of our planning, processes and tools. If our data center does go down, we still have you covered.
We make geo-redundant backups several times throughout the day. This means that even if we have a total-loss disaster, we aim to lose no more than 4 hours of data (RPO = 4 hours).
In the event of a complete disastrous loss of processing capabilities, everything should be back to normal within 8 hours (RTO = 8 hours). Of course, in many situations, we would have things up-and-running much quicker than this.
Keeping non-production data safe
Sometimes we need access to data that is not “live, production data”. For example, we occasionally need your data for testing and to trouble-shoot bugs. We try to minimize any customer data in such a non-production system.
Development and testing are mostly done using non-customer data created by our team.
In some cases, we cannot replicate customer bugs using our own “dummy data”. In this case, we may copy some customer data. In most cases, this is done using a separate Azure instance (which has all the same security protection as our production system). These instances are deleted as soon as the task is completed.
In order to maintain control over any non-production copies of customer’s data, only two people have access to our production database. These individuals are responsible for making sure all copies that are made are then deleted at the earliest possible time.