How is personal data processed, accessed, stored, and managed?


Consider the following GDPR tips regarding individuals' entitlement to know how personal data is processed, accessed, stored, protected, and managed in general:

GDPR Articles 5 ("Principles relating to processing of personal data") and 32 ("Security of processing") emphasize having due security measures in place to comply with data privacy and data security requirements, as well as giving individuals the opportunity to learn which measures are in place.

 

Note that individuals may ask for clarification about the treatment given to personal data, such as its category, to whom it is disclosed, and the period for which it is expected to be stored. They may also ask to be informed about appropriate safeguards regarding the overall protection and management of personal data (e.g., those applying in the event of a personal data transfer).

 

Conclusion

Consider the information in the following table, which describes applicable concepts for Bizagi processes.

 


AUTOMATION SERVICE

Processing

Processing of data is implicit in your process design, and also restricted by you, while following your organization's security standards, policies and procedures.

 

Access

Logical access through Bizagi processes is implicit in your process design, and is also restricted through different configuration options.

 

Physical access relies on having data centers physically constructed, managed, and monitored 24/7 to shelter data and services from unauthorized access and environmental threats.

Azure physical security policies are in place for site entry control, and multi-factor authentication is used to control access to server areas and to monitor internal site activity.

The physical security in data centers is maintained through the use of guards, locks, cameras, biometric devices, card readers, and alarms. These data centers are also subjected to PCI scans to ensure security.

Environmental sensing technologies protect data; these include humidity and moisture control, fire and smoke detectors, fire alarms, and extinguishing agents.

Storage

Different assets and services are in place to manage the different types of information handled by processes: a SQL Azure database along with others (such as table storage or blob storage services).

 

Protection

Encryption for data at rest is automatically set (at the page level) by using TDE (Transparent Data Encryption). The pages are kept in an encrypted database using this technology; they are encrypted before they are written to disk and decrypted when read into memory.

This measure prevents potential attackers from reading data from the physical media (i.e., stealing files), while supporting the use of highly secure algorithms such as AES and the use of a 256-bit symmetric key.

 

Encryption of data in transit is assured by using TLS certificates that protect the channel. This applies both to the communication between Automation Service components and the database, and to the communication of end users when accessing Automation Service (in which case HTTPS is used). This measure prevents packet tampering, spoofing, and man-in-the-middle attacks at the transport layer.

 

Management

Management is enforced by an appointed team of experts at Bizagi who take care of all underlying infrastructure, components, and services, and who are in charge of all IT-related tasks (provisioning, maintenance, tuning, technical support, and 24/7 monitoring).

Personnel on this team of experts take periodic training, are subject to strict security controls and segregation of duties, and sign NDAs.

Bizagi, as a service provider, along with its IaaS business associates (Microsoft Azure), protects information by implementing physical, technological, and administrative safeguards, all based on the ISO 27001 standard.


Last Updated 12/12/2024 12:05:18 PM