As businesses are increasingly interested in shifting their operations toward the cloud, security and compliance requirements have become more and more demanding and critical.
This section describes how the additional services of Automation Service implement strict governance and security requirements so that data privacy and overall system security are not a concern for customers who want to use Bizagi Business Insights and Bizagi Artificial Intelligence.
Security, our first priority
Bizagi's Business Insights and Artificial Intelligence have been designed with security as their top priority. By using technologies and controls that enable an isolated environment for each customer, Bizagi Business Insights and Artificial Intelligence are hosted in the same virtual private cloud as the customer’s Automation Service, and customer data is not shared with or available to others.
Bizagi Business Insights and Artificial Intelligence are powered by Microsoft Azure and managed by Bizagi. They are provisioned in a cloud-centric architecture which leverages the best services and techniques to offer a secure, reliable and high-performance cloud environment.
Microsoft Azure is widely recognized for its compliance with local and global standards and regulations, including ISO/IEC 27017, SOC 1 and SOC 2, PCI/DSS, NIST-800-171, FedRAMP, HIPPA/HITECH, and EU Model clauses.
Bizagi Business Insights and Artificial Intelligence implement security controls and measures for data integrity, confidentiality and availability.
Bizagi Business Insights and Artificial Intelligence are hosted in the same private cloud as your Automation Service offer, which relies on important security-by-design features, and manages and maintains the security of your environment as a whole.
The assigned services and resources for customer's Bizagi Business Insights and Artificial Intelligence are located in the geographical location the customer chose for Automation Service.
Security in maintenance
Bizagi maintains a secure service and environment which includes ensuring the timely application of patches, fixes and updates to services and underlying infrastructure so that Automation Service as a whole remains secure from vulnerabilities.
To provide a higher data security level, Bizagi Business Insights and Artificial Intelligence feature data encryption in transit.
For data in transit, communication channels rely on the Transport Layer Security (TLS) protocol requiring the use of certificates to encrypt content.
Encryption in transit
Encryption of data in transit is assured by using TLS certificates that protect the channel.
This applies both to communications between Automation Service components and the database, and to the communication of end users when accessing Automation Service (in which case, HTTPS is used).
This measure prevents tampering of packages, spoofing, and man-in-the-middle attacks at the transport layer.
As well as the above security measures, note that unauthorized access to the database is not allowed, and that the customer has control of identity management for access to Bizagi Business Insights and Bizagi Artificial Intelligence.