Platform Level Security and High Availability
The entire stack is built on Microsoft Azure cloud platform. This includes the Application Layer and the Database Layer. For security reasons, the traditional methods of installing an SQL Server and a Virtual Machine are not used. Instead, we used Azure SQL, which is the next generation SQL Server in the cloud, and for the Application Layer, we use Microsoft Application Services. This makes it both secure and Highly Available at the platform level.
Authorization & Data Security
Because of the Azure native SQL, App Service, and OAuth 2.0, the transfer of data from start through to end remains secure and intrinsically inherits the strongest level of SSL security that Microsoft is using for its own fleet of Azure services. Access to your Azure MS SQL Server is provided via unique and secure authorization.
Additionally, we have visibility and control over the security of our customer's Databases. We continuously monitor the resources to prevent, detect, and respond to threats. We use Azure security protocols to ensure confidentiality, integrity, and availability of personal data using Advanced Threat Analytics, Application Gateway, Azure Active Directory, Azure Backup, Azure Key Vault, ExpressRoute, Log Analytics, and Network Security Groups.
All connections to the Azure SQL Database require encryption (SSL/TLS 1.2) at all times while data is "in transit" to and from the database, so the data remains secure all the times. We utilize transparent data encryption which encrypts your database, backups, and logs at rest. Customers are provided a secure endpoint to connect to their Database from within Power BI.
Azure SQL Databases also participate in regular audits and have been certified against a number of compliance standards. It has industry-leading security measures and privacy policies to safeguard data in the cloud, including the categories of personal data identified by the GDPR.