We can’t stop talking about data at Agri Information Partners. Collecting data in the right way, transforming data into knowledge, how to make data-based decisions and so on. Data is in our DNA and the exciting potential of it thrives us to explore the possibilities. That’s one of the reasons why we are taking data security so serious at Agri Information Partners. Security is commonly a technical topic with a lot of difficult terms and sentences. We would like to explain the main security steps we took to make sure your data is safe.
Security and compliance
Talking about security and data, people are logically thinking about digital security. However, it always starts with physical security. When the digital security is great, but the username and password are written on the front door, it doesn’t make a lot of sense. Therefore, also at our office, the security starts at this front door.
As explained, we have a strict security policy inside our company as well. To start with the physical security like 24/7 active locks on all main doors and server rooms, we also have many other security policies in place. At Agri Information Partners it is for example strictly forbidden to leave laptops or phones at your desk outside office hours. All our laptops and pc’s do have a secured hard drive, which need to be unlocked before you even get a change to login onto the device. Transfer of files outside the office is secured by an advanced VPN connection. Our Office365 tools requires Multi factor authentication to prevent misuse of accounts and data of our employees.
Login to Mercado by Multi Factor Authentication
Before one can access data in Mercado, he or she needs to login. The login for our web product Mercado is provided by Azure Active directory and can be expanded with Multi Factor authentication for improved safety.
If one can login successfully, he or she has access to the application and can request or send data. This ‘moving’ data is secured with website security policies.
The necessity of HTTPS
E-Brida, Mercado and other web products do use the secured extension of the Hypertext Transfer Protocol, the widely known HTTPS. You can check the HTTPS in front of an URL to make sure the communication protocol is encrypted using the commonly known Secure Sockets Layer (SSL).
The SSL is used in order to establish an encrypted link between the server and the client. So, this secures ‘moving’ data like request and data entries. However, the https does not cover the ‘data at rest’, so data that is just stored.
Mercado is a cloud-based application that stores the data in Microsoft Azure. This data is the so called ‘data at rest’ that was discussed before. Your data at rest is 24/7 protected by the Online Services Security and Compliance (OSSC) team of security professionals at Microsoft. Furthermore, via our cloud services, our products are always hosted by two data centers within the EU (Ireland and the Netherlands). Back-ups are made continuously and can set back up to two weeks back in time. Furthermore, an additional back-up is made weekly and stored at a non-Azure environment.
Apps and security
Both Mercado and E-Brida also do exchange data with an App. Before anyone can try to login into the Mercado Trial or E-Brida Field App, the App on each device needs to be connected to a customer’s environment. Once the link is made between an environment and the App on a certain device, the user needs to login with his personal App account before data can be seen or send. Furthermore, the App data cannot be read in any other way than with the App itself.
Applying the steps above, we are continues monitoring and if required, improving the overall data security. Together we make sure you can improve your business process without the risks of losing data.
If you have any questions concerning your data security, please contact us.