Physical security

SoftwareIDM understands the importance of protecting your data, and is committed to working with our reputable vendors to secure the datacenters that contain your data. Through funding from Microsoft and SoftwareIDM, all of your data is stored within the Azure cloud, when using our SaaS services. 

Microsoft designs, builds, and operates datacenters in a way that strictly controls physical access to the areas where your data is stored.  Microsoft has a division at Microsoft devoted to designing, building, and operating the physical facilities supporting Azure and therefore SoftwareIDM and your data. This Microsoft team, along with SoftwareIDM, is invested in maintaining state-of-the-art physical security.

SoftwareIDM and Microsoft take a layered approach to physical security to reduce the risk of unauthorized users gaining physical access to data and the datacenter resources. Datacenters managed by Microsoft have extensive layers of protection: access approval at the facility’s perimeter, at the building’s perimeter, inside the building, and on the datacenter floor.

Layers of physical security are:

Access request and approval. Persons must request access prior to arriving at the datacenter. Persons are required to provide a valid business justification for their visit, such as compliance or auditing purposes. All requests are approved on a need-to-access basis by Microsoft employees. A need-to-access basis helps keep the number of individuals needed to complete a task in the datacenters to the bare minimum. After Microsoft grants permission, an individual only has access to the discrete area of the datacenter required, based on the approved business justification. Permissions are limited to a certain period of time, and then expire.

Facility’s perimeter. When a person arrives at a datacenter, they are required to go through a well-defined access point. Typically, tall fences made of steel and concrete encompass every inch of the perimeter. There are cameras around the datacenters, with a security team monitoring their videos at all times.

Building entrance. The datacenter entrance is staffed with professional security officers who have undergone rigorous training and background checks. These security officers also routinely patrol the datacenter, and monitor the videos of cameras inside the datacenter at all times.

Inside the building. Persons who enter the building must then pass two-factor authentication with biometrics to continue moving through the datacenter. If the person's identity is validated, they can enter only the portion of the datacenter that they have approved access to. They can stay there only for the duration of the time approved.

Datacenter floor. Persons are only allowed onto the floor that you're approved to enter. You are required to pass a full body metal detection screening. To reduce the risk of unauthorized data entering or leaving the datacenter without our knowledge, only approved devices can make their way into the datacenter floor. Additionally, video cameras monitor the front and back of every server rack. When you exit the datacenter floor, you again must pass through full body metal detection screening. To leave the datacenter, you're required to pass through an additional security scan.

Microsoft requires visitors to surrender badges upon departure from any Microsoft facility.

Physical security reviews

Periodically, Microsoft conducts physical security reviews of the facilities, to ensure the datacenters properly address Azure security requirements. The datacenter hosting provider personnel do not provide Azure service management. Personnel can't sign in to Azure systems and don't have physical access to the Azure collocation room and cages.