In an ever-changing digital world, it’s imperative that we navigate safely and protect our data. Guaranteeing the confidentiality and integrity of sensitive information is a major challenge. SIRFULL, a SaaS solutions provider, has made cybersecurity one of its top priorities. European Data Protection Day is an opportunity for us to explain how.
1. Choice of host
Our SaaS solutions are hosted by Microsoft, which offers the best guarantees of security and confidentiality, notably in its AZURE Cloud Offer. It complies with a wide range of international and industry-specific compliance standards (ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, etc.), as well as more country-specific standards (Australian IRAP standard, British G-Cloud standard, Singapore MTCS standard).
2. Physical security policy
Data is also physically protected. The datacenter housing our main data is surrounded by a 10-meter-wide moat to prevent intrusion by unauthorized vehicles. The premises are also protected by a video surveillance network and a biometric fingerprint access system.
3. Software security policy
To protect our software packages and therefore your data, access to our solutions is controlled by a firewall/proxy. Access supervision is carried out, detecting intrusions and monitoring the health of all infrastructures. Protection against Denial of Service (DDOS) attacks is also provided on our firewall to prevent any attack attempt. In addition to our firewall / proxy, we rely on CloudFlare to reinforce it.
4. Backup policy
Every night, production environments are backed up to a first Microsoft Azure storage space. The data is then replicated in another of their datacenters to ensure data backup and avoid any service interruption.
5. Workstation and server security policy
A SIEM (Security Information and Event Management) system and an EDR (Endpoint Detection and Response) solution have been deployed to centralize the storage and analysis of data from different sources. This allows you to control installed software, monitor user account activity and block malicious e-mails affecting workstations. On the server side, it checks machine health, prevents intrusions and supervises client connections.
In short, at SIRFULL, we take the security of your data very seriously, and do everything in our power to ensure you have a safe surfing experience.
