Cloud Provider Statement

FMI Works is delivered through Microsoft Azure as the cloud provider

This article is for IT and security professionals

Introduction

While FMI Works is provided as a Software-as-a-Service product, we utilize cloud infrastructure to provide better service at a lower price to our clients.  At each layer of the software and hardware and software stack, FMI chooses the best value proposition for our business and client. Microsoft Azure, being ISO 27001:2013 compliant, provides extremely high security standards for their infrastructure.  FMI uses azure to provide up-to-date and patched networking, storage, servers, virtualization, operating systems, and middleware.  

Data centres    

A system cannot be more secure than the physical platform on which it runs. Windows Azure runs over 100 data centres in geographically distributed Microsoft facilities around the planet. Each facility is designed to run 24 x 7 and employs various measures to help protect operations from power failure, physical intrusion, and network outages. These data centers comply with industry standards for physical security and reliability and they are managed, monitored, and administered by Microsoft operations personnel. They are designed for “lights out” operation.  

Facilities access

Microsoft uses industry standard access mechanisms to protect Windows Azure’s physical infrastructure and data centre facilities. Access is limited to a small number of operations personnel, who must regularly change their administrative access credentials.  

Power redundancy and fail over            

Each data centre has a minimum of two sources of electrical power, including a power generation capability for extended off-grid operation. Environmental controls are self-contained and remain operational as long as the facility and contained systems remain online.

Physical security controls are designed to “fail closed” during power outages or other environmental incidents. In case of fire or situations that could threaten life safety, the facilities are designed to allow egress without remaining exposed.

Media disposal

Upon systems end-of-life, Microsoft operational personnel follow rigorous data handling procedures and hardware disposal processes. This includes Microsoft’s own onsite data media destruction.