The Indigo Suite is hosted as a platform using Azure Application Services, and all data sent to Indigo is encrypted in transit to our data centres in Ireland and the Netherlands.
We implemented all security headers to block any click-jacking and XSS attacks with a rating of "A" on securityheaders.io.
Transport Layer Security (TLS) provides protection of data in transit on SQL Database connections.
Database Firewall - Only IPs of the App Server & Shireburn IP Addresses (only authorised Shireburn personnel which require such access to perform their job efficiently are given access) are whitelisted.
We use SQL Azure Database replication to keep data safe in the case of system failure.
We also keep a point in time recovery backup for the last 35 days.
We also use Transparent data encryption which protects data at rest by encrypting the database, associated backups, and transaction log files at the physical storage layer. This encryption is transparent to the application, and uses hardware acceleration to improve performance.
The Azure SQL database is protected by transparent data encryption (TDE).
The built-in server certificate is unique for each server and the encryption algorithm used is AES 256.