Security

"ICRA Systems is secure and security is continuously ensured by certified parties."

The security of your information is our top priority. Our hosting partner is DNV-GL ISO 27001 certified. The ICRA Systems application uses Azure PaaS services, which consist of an Azure Subscription containing:

  • SQL Database for permanent storage of user data.
  • App Service for hosting application logic.
  • Key Vault for secure storage of confidential information.
  • Application Insights for collection of application logic events.
  • Monitor for full-stack monitoring.
  • Backup for backup of user data.

All services are located in the West Europe region (Amsterdam). In addition, much attention is paid to updates. All services used are platform as a service (PaaS). This means that the operating system and application stack are managed by Microsoft Azure. Azure manages operating system patching on two levels: the physical servers and the guest virtual machines (VMs) that run the service resources. Both are updated monthly.

Separation of tasks

  • Azure Subscription has 2 owners.
  • Azure DevOps service principal only has rights to create infrastructure.
  • RBAC on permissions in Azure DevOps pipeline.

Management of authorized access rights

  • Access rights are monitored through Azure Policy.
  • MFA is enabled for accounts with owner permissions for the subscription.
  • An Azure Active Directory administrator is set up for SQL servers.

Policy for cryptography

  • Azure App Service can only be accessed via HTTPS.
  • TLS 1.2 encryption is applied to all connections.

Logging of events

  • All event logging is stored centrally in Azure Monitor.

Curious about how we work at ICRA Systems?