Physical & Network Security

askAiB is hosted by and uses the physical and network security options of Microsoft Azure.  No one at askAiB has physical access to live data or servers.

"When you use Azure services, you are entrusting us with one of your most valuable assets—your data. You trust that the privacy and confidentiality of the data you store and process in Azure services will be protected and that it will be used only in a way that is consistent with your expectations."

Learn more about Azure security here.

Our Azure hosting also provides best in class protection against:

 Direct Denial of Service (DDOS) attacks - when an attacker floords servers in an attempt to prevent user access 

 IP spoofing through the Azure Firewall - unauthorised users attempting to imitate a trusted, authorized source to gain access to your system

 Man In The Middle Attacks - when an unauthorised user attempts to put themselves between you and your data source, intercepting your data

 Packet sniffing -  a threat where a malicious entity captures network packets intending to intercept or steal data traffic that may have been left unencrypted

Web Application and Apps Security

Access to askAiB live sites is via secure HTTPS only.  All data is 256-bit encrypted at rest and in transit at all times and without exception, adhering to industry best practice and standards.

No unauthorised users will ever have access to your sites or data.

Key points for our application security:

 Secure Access - All access to askAiB live sites must be through a secure connection

 Encrypted Data Storage - We do not store any client data on our own network or servers outside of Microsoft's Azure infrastructure.

 Secure coding practices - 

 API security - 

 Authentication and Authorization - we have strong protocols in place to govern access including using multi-factor authentication (MFA), strong password policies and regularly reviewing and updating access permissions.

Data Hosting & Residency

askAiB can host your application and data within Microsoft's Azure infrastructure in either the USA or the UK.

All application servers and data storage will be based in your chosen region.  It will be possible for authorised users to access this data from other locations as standard.

Choose the region in which you want your data hosted.

Key points for data hosting and residency:

 UK or US hosting - All of your data and applications can be stored in whichever region your prefer

 Other regions available on request - We can store your data wherever you wish, contact us to discuss other regional hosting options.

 Decommissioning and Data Removal - Microsoft Azure follows NIST Special Publication 800-88 guidelines for media sanitization, ensuring data is securely erased or destroyed before storage resources are reused or decommissioned, using methods like overwriting, purging, and physical destruction.  More information can be found here.