Q: How frequently are backups performed?

• Related Articles

• Q: We understand the system is hosted on Microsoft Azure and Amazon S3, with encrypted SSL communication and daily redundant backups. Could you confirm if this setup is still current and whether any changes are planned?

  A: The system is now primarily hosted on Microsoft Azure. Azure Storage is used as the main backup and file repository. SSL/TLS (minimum TLS 1.2) is enforced for all communications. Daily redundant backups remain in place, and no major infrastructure ...

• Q: Where are they stored (physical location or cloud)?

  A: Backups are stored in Azure Storage accounts with geo-redundant storage (GRS), ensuring replication to a paired Azure region within the EU.

• Q: Are they encrypted and replicated across different locations?

  A: Yes. All backups are encrypted at rest with Azure Storage Service Encryption (AES-256) and replicated across geographically separated data centers within the EU. Data in transit is always encrypted via TLS/SSL.

• Q: Is there any technical documentation available regarding compliance?

  A: Yes. Microsoft provides compliance documentation and audit reports through the Azure Trust Center and Service Trust Portal. System-specific compliance documentation (GDPR measures, security configuration, and policies) can be shared under NDA.

• Q: What controls are in place to prevent unauthorised access?

  A: Controls include conditional access (IP whitelisting, device compliance policies), Just-In-Time (JIT) access for virtual machines, continuous threat detection with Microsoft Defender for Cloud, and regular access reviews.