Sicherheit im Überblick
Userlane Partners with Microsoft for Secure Infrastructure & Hosting
Why we chose Microsoft Azure
Userlane decided to work with Microsoft Azure to ensure the strict security and compliance requirements of our enterprise and public service clients are met and allow us to provide a scalable, frictionless service at a global scale.
Userlane is a certified partner of Microsoft.
By joining forces with the industry leader Microsoft, Userlane can rely on a proven security architecture: Over 3,500 dedicated Microsoft cybersecurity professionals help protect, detect, and respond to threats.
All of Userlane’s databases, application servers and network infrastructure are hosted by Microsoft Azure.
By relying on Microsoft, Userlane can leverage significant investments that have been made towards the security and compliance of data centers:
- Microsoft Azure is certified with ISO 27001 – a common standard in the industry.
- Since the beginning of 2017, Microsoft Azure is also certified with ISO 27018 – a new standard for the protection of personal data in the Cloud.
- Read Microsoft’s Whitepaper about Microsoft Azure Security, Privacy, Compliance
- ISO 27001
- ISO 27018
Userlane exclusively uses EU data center regions.
In order to ensure that the data cannot be used without authorization or passed on, we have also contractually limited the use of the services to the EU region and regulated the access options accordingly. This also applies to the case of maintenance.
Userlane is committed to an uptime SLA of 99.5%.
The infrastructure of Microsoft Azure is built for availability. This allows us to guarantee an availability time of 99.5%. This allows less than 4 hours of unavailability per month.
In the past, we have seen our performance surpass this minimum barrier on a regular basis.
Data at rest
All databases use a so-called “at rest” encryption. This means that data can only be read if proper authentication takes place on the respective database system. The files in which the data is stored are stored in encrypted form so that they can only be read by database systems that have the appropriate decryption key.
Data in transit
Userlane applies transport encryption whenever data has to be transmitted over an insecure or public network (e.g. outside the virtual private cloud). The type of transport encryption depends on the encryption requested by the client system. Userlane uses HTTPS connections with 256-bit SSL certificates for all communications with clients.
Userlane works with Azure Network Security Groups to ensure that services running within the Azure environment are accessible only to the networks that need it. Access to network ports of various services is restricted to the extent that access is only possible through services that need access.
Userlane works with recognized security experts and researchers. Together we aim for the highest possible security of our systems.
We perform penetration tests on a yearly basis. Our contractor Cobalt maintains a core of 200+ highly vetted, certified security researchers.
Userlane uses various monitoring tools to ensure maximum availability, performance and security of the application. The monitoring includes but is not limited to the following parameters:
- Availability of the application
- Accessibility of backend systems and services
- CPU utilization
- Utilization of network interfaces
- Utilization of persistent and volatile storage
- Response times of the application
- Response times of backend systems
- Query times for database contents
- Update status of systems
- Error logs
- Access logs
Userlane drives continuous backups of databases. Those can restore the database state to what it was at any specific time, down to the second. The backups are stored in the same region. Backups are retained for 30 days. These backups are treated as sensitive data. Only specific personnel can access these backups after an internal authorization process.