Formpipe.cloud takes data security very seriously. We built our platform around many security-focused features and took the necessary steps to handle both platform and customer data security.
Features
Application Gateway
Multi-Factor Authentication (MFA)
Azure Service Endpoints
End-to-End encryption
HTTPS encryption
How Do We Prevent Unauthorised Access to the Platform?
All web traffic to Formpipe.cloud is routed through our Application Gateway. This is a separate entity from servers hosting applications and data, protecting them from malicious attacks and unauthorized access. It also has the added functionality to restrict access with IP whitelisting, greatly improving security.
Application Gateway has built-in extensive monitoring and alerting tools to detect 'bad requests', and additional protection is enabled with port scanning tools and DDoS protection.
(4).png "image (1)(4).png")
Manage Users
Accounts on the platform are linked to the Formpipe domain and controlled by Multi-Factor authentication (MFA). Therefore, on our domain, we can manage users' access levels and view who is accessing what resources.
How Are Data Transfer Channels Protected?
We use Azure Service Endpoints which provide direct connectivity between services in Azure without connecting to a public IP address. On our standard subscription, we use HTTPS protocols to encrypt data transfer channels.
Encryption
Application traffic uses end-to-end transport layer encryption and/or application-specific encryption mechanisms (for instance, message-level encryption when sending payloads over other communication channels).
Data at rest is encrypted for Azure services and storage (Azure Blob Storage and Azure SQL).
Environments have storage encryption applied and use Azure Key Vault to store encryption keys securely.
Lasernet portal and Autoform DM are only accessible via TLS 1.2 HTTPS communication protocol.