Network & application penetration tests
Do you conduct network / application penetration tests of your cloud service infrastructure regularly?
Tenant data encryption & segmentation
Is Auto Insights able to logically segment/encrypt customer data in such a way that access to data may be confined to a single tenant without being providing inadvertently to other tenants?
All tenant data is stored in logically discrete Azure blobs protected by Azure information protection.
Data storage location
Are you able to restrict the storage of customer data to specific countries or geographic locations? Do you provide tenants with geographically-resilient hosting options?
Yes, Auto Insights is hosted by Microsoft Azure, which supports a network of MS-managed data centres distributed globally.
Information security system management
Do you restrict, log and monitor access to your information security management systems? (e.g. hypervisors, firewalls, vulnerability scanners, network sniffers, APIs, etc.)
Access to information security management is restricted to the Auto Insights CTO, who maintains logs and monitors the system.
Are system and network environments protected by a firewall or virtual firewall to ensure compliance with legislative, regulatory and contractual requirements?