By default the data is stored in the Netherlands, with a failover in Ireland. If a customer has specific data-residency requirements, it can choose any of the 54 Azure regions worldwide (https://azure.microsoft.com/en-us/global-infrastructure/regions/); the physical locations are listed at https://azure.microsoft.com/en-us/global-infrastructure/locations/
Customer environments and data in Azure are isolated from each other by numerous mechanisms, technologies, policies, processes, and architectural elements. We have a change management process in place for DNS zone updates. We manage our DNS zones with Azure PowerShell: https://docs.microsoft.com/en-us/azure/dns/dns-operations-dnszones
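As an added example (this is not Mavim's own script; the resource group, zone, record name, IP address and ticket number are placeholders), the following Az.Dns function performs the kind of change-controlled record update described above: it stores the change ticket and operator in the record-set metadata, supports -WhatIf so the change can be previewed during approval, and deliberately omits -Overwrite so Azure's ETag check rejects the write if someone else changed the record set between the read and the write.

```powershell
# Added example, not Mavim's own script: a change-controlled A-record update with Az.Dns.
# Placeholders (not real Mavim values): resource group, zone, record name, IP address, ticket.
# Requires the Az.Dns module and a signed-in session (Connect-AzAccount) with
# DNS Zone Contributor on the zone.
function Update-DnsARecordWithTicket {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string]$ResourceGroupName,
        [Parameter(Mandatory)] [string]$ZoneName,
        [Parameter(Mandatory)] [string]$RecordName,
        [Parameter(Mandatory)] [string]$NewIpv4Address,
        [Parameter(Mandatory)] [string]$ChangeTicket,   # reference to the approved change
        [int]$Ttl = 300
    )

    # Read the current record set. The returned object carries an ETag; Set-AzDnsRecordSet
    # sends it back, so an edit made by someone else after this read fails instead of
    # being silently clobbered.
    $rs = Get-AzDnsRecordSet -ResourceGroupName $ResourceGroupName -ZoneName $ZoneName `
                             -Name $RecordName -RecordType A -ErrorAction SilentlyContinue

    if (-not $rs) {
        if ($PSCmdlet.ShouldProcess("$RecordName.$ZoneName", "create A record -> $NewIpv4Address ($ChangeTicket)")) {
            return New-AzDnsRecordSet -ResourceGroupName $ResourceGroupName -ZoneName $ZoneName `
                -Name $RecordName -RecordType A -Ttl $Ttl `
                -DnsRecords (New-AzDnsRecordConfig -Ipv4Address $NewIpv4Address) `
                -Metadata @{ changeTicket = $ChangeTicket; changedBy = (Get-AzContext).Account.Id }
        }
        return
    }

    $before = ($rs.Records | ForEach-Object { $_.Ipv4Address }) -join ','
    if ($before -eq $NewIpv4Address) {
        Write-Verbose "$RecordName.$ZoneName already points at $NewIpv4Address; nothing to do."
        return $rs
    }

    if ($PSCmdlet.ShouldProcess("$RecordName.$ZoneName", "change A record $before -> $NewIpv4Address ($ChangeTicket)")) {
        # Replace every existing address with the new one, then record who/why in metadata.
        # @() copies the list so we can remove entries while iterating.
        foreach ($old in @($rs.Records)) {
            $rs = Remove-AzDnsRecordConfig -RecordSet $rs -Ipv4Address $old.Ipv4Address
        }
        $rs = Add-AzDnsRecordConfig -RecordSet $rs -Ipv4Address $NewIpv4Address
        $rs.Ttl = $Ttl
        if (-not $rs.Metadata) { $rs.Metadata = @{} }
        $rs.Metadata['changeTicket'] = $ChangeTicket
        $rs.Metadata['changedBy']    = (Get-AzContext).Account.Id
        $rs.Metadata['previous']     = $before

        # No -Overwrite: Azure compares the ETag and rejects the write if the record set
        # changed in the meantime, which is what we want under change management.
        return Set-AzDnsRecordSet -RecordSet $rs
    }
}

# Usage with placeholder values; drop -WhatIf to apply the approved change:
# Update-DnsARecordWithTicket -ResourceGroupName 'rg-dns' -ZoneName 'example.com' `
#     -RecordName 'portal' -NewIpv4Address '203.0.113.10' -ChangeTicket 'CHG-0001' -WhatIf
```

The metadata fields are a convention of this example, not an Azure requirement; their value is that the ticket reference ends up next to the record in the zone itself, where a later audit of "who changed this and why" can find it without cross-referencing the activity log.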
We encrypt customers' data with AES-256 using a unique key per customer. Data at rest is encrypted with BitLocker; data in transit is encrypted with protocols such as HTTPS and IPsec.
For data in transit, customers can enable encryption for traffic between their own VMs and end users. Azure protects data in transit, such as traffic between two virtual networks. Azure uses industry-standard transport protocols such as TLS (always the current version) between devices and Microsoft data centers, and within the data centers themselves. All connections between Microsoft Azure and Mavim are encrypted.
For wildcard certificate and TLS private-key management, each customer gets its own sub-domain and URL. Permissions to access keys within the key vault are managed by Azure Active Directory, which provides an audit trail and prevents keys from being compromised. Public-facing TLS certificates are signed by an external trusted CA. The signature algorithm is SHA-2 and the key size is RSA 4096 for the Mavim Portal and RSA 2048 for the Mavim Manager.
We have enabled HTTP Strict Transport Security (HSTS) and have a documented encryption key management procedure covering, among other things, key generation, distribution, storage, escrow/backup, rotation, and accountability/audit. Customer data is sanitized by Microsoft Azure, which adheres to ISO 9001, ISO 27001, SOC 1 and SOC 2. Upon contract termination, data is securely deleted after 6 months as standard (separate agreements can be made).
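As an added example (not Mavim's code; the host name is a placeholder, and PowerShell 7+ with network access to the endpoint is assumed), this script checks the transport claims above against a live endpoint: the negotiated TLS version, the certificate's SHA-2 signature and RSA key size, its expiry, and the presence and max-age of the HSTS header.

```powershell
# Added example, not Mavim's own script: audits a live HTTPS endpoint against the claims
# made above (TLS version, SHA-2 signature, RSA key size, HSTS). Assumes PowerShell 7+
# and network access; 'portal.example.com' is a placeholder, not a real Mavim host.
param(
    [string]$HostName     = 'portal.example.com',
    [int]$Port            = 443,
    [int]$MinRsaBits      = 2048,       # 4096 for the Portal, 2048 for the Manager
    [int64]$MinHstsMaxAge = 31536000    # one year, the usual minimum for preload lists
)

function Get-TlsHandshakeInfo {
    param([string]$TargetHost, [int]$TargetPort)
    $client = [System.Net.Sockets.TcpClient]::new($TargetHost, $TargetPort)
    try {
        # Accept any certificate at the socket level so the audit below can inspect and judge
        # it itself. This callback is for an inspection tool only; never reuse it in clients.
        $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false, $accept)
        $ssl.AuthenticateAsClient($TargetHost)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        $rsa  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
        [pscustomobject]@{
            Protocol     = $ssl.SslProtocol.ToString()          # e.g. Tls12, Tls13
            SigAlgorithm = $cert.SignatureAlgorithm.FriendlyName # e.g. sha256RSA
            RsaKeyBits   = if ($rsa) { $rsa.KeySize } else { 0 } # 0 means the key is not RSA
            Issuer       = $cert.Issuer
            NotAfter     = $cert.NotAfter
        }
    } finally { $client.Dispose() }
}

function Test-HstsHeader {
    param([string]$HeaderValue, [int64]$MinMaxAge)
    $maxAge = 0
    if ($HeaderValue -match 'max-age=(\d+)') { $maxAge = [int64]$Matches[1] }
    [pscustomobject]@{
        Present           = [bool]$HeaderValue
        MaxAge            = $maxAge
        IncludeSubDomains = ($HeaderValue -match '(?i)includeSubDomains')
        Ok                = ($maxAge -ge $MinMaxAge)
    }
}

$tls  = Get-TlsHandshakeInfo -TargetHost $HostName -TargetPort $Port
# HEAD is enough to read response headers; -SkipHttpErrorCheck keeps 4xx/5xx from throwing,
# since the HSTS header should be present on those responses too.
$resp = Invoke-WebRequest -Uri "https://$HostName/" -Method Head -SkipHttpErrorCheck
$hsts = Test-HstsHeader -HeaderValue (@($resp.Headers['Strict-Transport-Security']) -join ',') `
                        -MinMaxAge $MinHstsMaxAge

@(
    [pscustomobject]@{ Check = 'TLS 1.2 or 1.3 negotiated';      Ok = ($tls.Protocol -in 'Tls12','Tls13');        Observed = $tls.Protocol }
    [pscustomobject]@{ Check = 'Certificate signed with SHA-2';  Ok = ($tls.SigAlgorithm -match '^sha(256|384|512)'); Observed = $tls.SigAlgorithm }
    [pscustomobject]@{ Check = "RSA key >= $MinRsaBits bits";    Ok = ($tls.RsaKeyBits -ge $MinRsaBits);           Observed = $tls.RsaKeyBits }
    [pscustomobject]@{ Check = 'Certificate not expired';        Ok = ($tls.NotAfter -gt (Get-Date));              Observed = $tls.NotAfter }
    [pscustomobject]@{ Check = "HSTS max-age >= $MinHstsMaxAge"; Ok = $hsts.Ok;                                    Observed = $hsts.MaxAge }
    [pscustomobject]@{ Check = 'HSTS includeSubDomains';         Ok = $hsts.IncludeSubDomains;                     Observed = $hsts.IncludeSubDomains }
) | Format-Table -AutoSize
```

Run it once with -MinRsaBits 4096 against the Portal host and once with -MinRsaBits 2048 against the Manager host; any row with Ok = False contradicts the corresponding statement above and is worth raising with the vendor. The script only looks at the first hop and the final response, so a load balancer or CDN that terminates TLS will be what gets measured, not the origin.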
Keys are handled only on the server side. Key values are never echoed back to the client-side user interface, not even in encrypted form. SAML certificates and their private keys are stored in the Azure certificate store.
Data deletion in Azure follows NIST SP 800-88 Rev. 1, “Guidelines for Media Sanitization”.