ProSure+ is hosted by Microsoft on their Azure cloud and so represents the best way to include class-leading Health & Safety management within your organisation without incurring the overheads of hardware and software infrastructure.
Our hosted solution allows you to take full advantage of the class-leading Microsft Azure cloud platform and securely implement a class-leading Health & Safety solution within your organisation without requiring any software installations.
ProSure+ takes full advantage of being hosted in the cloud. Utilising the power of the Microsoft distributed servers, we ensure that you always have the access and performance you need. As your demand increases, so ProSure+
Microsoft makes security and privacy a priority at every step, from code development to incident response.
Microsoft designs its software for security from the ground up. They build security into software code following an approach known as the Security Development Lifecycle (SDL). This company-wide, mandatory development process embeds security requirements into the entire software life cycle, from planning to deployment. To help ensure that operational activities follow the same security priorities, they’ve developed rigorous security guidelines laid out in the Operational Security Assurance (OSA) process. When issues arise, a feedback loop helps ensure that future revisions of OSA address them.
Microsoft builds privacy protections into Azure through Privacy by Design, a programme that mandates how they build and operate products and services to protect privacy. Standards and processes arise out of the Microsoft Privacy Standard, which details Microsoft’s core privacy requirements and practices
Microsoft has leveraged its decades-long experience of building enterprise software and running some of the world’s largest online services to create a robust set of security technologies and practices. These help ensure that Azure infrastructure is resilient to attack, safeguards user access to the Azure environment and helps keep customer data secure through encrypted communications as well as threat management and mitigation practices, including regular penetration testing.
Managing and controlling identity and user access to your environments, data and applications by federating user identities to Azure Active Directory and enabling multi-factor authentication for a more secure sign-in.
Encrypting communications and operation processes. For data in transit, Azure uses industry-standard transport protocols between user devices and Microsoft data centres, and within data centres themselves. For data at rest, Azure offers a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.
Securing networks. Azure provides the infrastructure necessary to securely connect virtual machines to one another and to connect on-premises data centres with Azure VMs. Azure blocks unauthorised traffic to and within Microsoft data centres, using a variety of technologies. Azure Virtual Network extends your on-premises network to the cloud through site-to-site VPN.
Managing threats. To protect against online threats, Azure offers Microsoft Anti-malware for cloud services and virtual machines. Microsoft also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing and data analytics and machine learning tools to help mitigate threats to the Azure platform.
For more than 20 years, Microsoft has been a leader in creating robust online solutions designed to protect the privacy of our customers. Our time-tested approach to privacy and data protection is grounded in our commitment to organisations’ ownership of and control over the collection, use and distribution of their information.
We strive to be transparent in our privacy practices, offer you meaningful privacy choices and responsibly manage the data we store and process. One measure of our commitment to the privacy of customer data is our adoption of the world’s first code of practice for cloud privacy, ISO/IEC 27018.
You own your own data. With Azure, you have ownership of customer data – that is, all data, including text, sound, video or image files and software, that is provided to Microsoft by you, or on your behalf, through the use of Azure. You can access your customer data at any time and for any reason without assistance from Microsoft. We will not use customer data or derive information from it for advertising or data mining.
You are in control of your data. Because the customer data you host on Azure belongs to you, you have control over where it is stored and how it is securely accessed and deleted.
How we respond to government and law enforcement requests to access data. When a government wants customer data – including for national security purposes – it must follow the applicable legal process, serving us with a court order for content or a subpoena for account information. If compelled to disclose customer data, Microsoft will promptly notify you and provide a copy of the demand, unless legally prohibited from doing so. We do not provide any government with direct or unfettered access to customer data, except as directed by you or where required by law.
Azure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards, such as Australia IRAP, UK G-Cloud and Singapore MTCS.
Rigorous third-party audits, such as by the British Standards Institute, verify Azure’s adherence to the strict security controls these standards mandate. As part of the Microsoft commitment to transparency, you can verify their implementation of many security controls by requesting audit results from the certifying third parties.
When Microsoft verifies that their services meet compliance standards and demonstrates how they achieve compliance, that makes it easier for their customers to secure compliance for the infrastructure and applications they run in Azure.