Shireburn

We use <a href="https://docs.microsoft.com/azure/sql-database/sql-database-auditing-get-started" rel="nofollow noopener noreferrer" target="_blank">Auditing for SQL Database</a> and <a href="https://msdn.microsoft.com/library/cc280386.aspx" rel="nofollow noopener noreferrer" target="_blank">SQL Server audit</a> to track database events and write them to an audit log. Auditing enables us to understand ongoing database activities, as well as analyze and investigate historical activity to identify potential threats or suspected abuse and security violations.

Every successful or unsuccessful login in the system is audited.&nbsp;

Every URL visited in the system is audited.&nbsp;

Every record in the system maintains the created on, created by, modified on, and modified by records.&nbsp;

Sensitive information such as employees and payroll calculations are audited when changed or deleted.

Employee logins to the Azure platform are audited by Azure Active Directory portal. Azure’s <a href="https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins" rel="nofollow noopener noreferrer" target="_blank">sign-in activity reports</a> and <a href="https://docs.microsoft.com/en-us/azure/security/fundamentals/log-audit" rel="nofollow noopener noreferrer" target="_blank">security logging and auditing</a> are followed.

Every action performed in Indigo is tracked and audited in SQL databases and servers