By building Complyfile on the Microsoft Azure cloud platform, Complyfile has direct control of access to our environment, data and application. Microsoft offers Complyfile comprehensive and federated identity and access management solutions to use across Azure and other services such as Office 365, helping us simplify the management of multiple environments; and control user access across our applications.
Enterprise cloud directory
Azure Active Directory is a comprehensive identity and access management solution in the cloud. It combines core directory services, advanced identity governance, security, and application access management. Azure Active Directory makes it easy for developers to build policy-based identity management into their applications. Azure Active Directory Premium includes additional features to meet the advanced identity and access needs of enterprise organizations.
Access monitoring and logging
Security reports are used to monitor access patterns and to proactively identify and mitigate potential threats. Microsoft administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. There are additional tools to access monitoring functionality in Azure and use third-party monitoring tools to detect additional threats. At any time Complyfile can request reports from Microsoft that provide information about access to the Complyfile environment.
Strong authentication
Azure Multi-Factor Authentication reduces organizational risk and helps enable regulatory compliance by providing an extra layer of authentication, in addition to a user's account credentials, to secure cloud access.
Role-based access control
Multiple tools in Azure support authorization based on their role, simplifying access control across defined groups of users.