We host the solutions on a dedicated Azure server in the event that a customer is interested in complete segregation.
Security authentication is provided via Azure security standards.
Local user accounts can be used or SSO (Single Sign-On) can be configured using ADFS.
The data that is sent and stored by default is: timestamp, page URL, user ID, session ID, browser type and operating system, IP address. Additional information about the user can be retrieved from Active Directory or SharePoint user profiles (configurable). For example the user name, email, department, location etc.
The data is sent over using HTTPS/SSL.
a) We would like to clarify that data means usage information and not actual portal data or actual content information.
b) Our support engineering team has access to the system which is hosted on Azure.
c) Access to any customer data is allowed for bug fixing and/or configuration, only after an authorized request was approved by the head of the engineering support team.
An option for data archival / backup copy is available assuming that (a) the account is still active (was not deactivated) and (b) within the following disclaimers:
I) The service was provided for a period of thirty-six (36) months or longer – one time data archive / backup will be provided for free at the end of the services, upon customer specific request
II) The service was provided for a period of less than thirty-six (36) months – one time data archive / backup will be provided via professional services efforts and will be billed separately at the end of the services, upon customer specific request
Once the service is ended, the data and/or software is removed.
CardioLog SaaS is hosted on an Azure server and utilizes a site-to-site VPN to communicate to the monitored environment.