Q: What controls are in place to prevent unauthorised access?

• Related Articles

• Q: What measures are in place in case of system failure, data loss, or cyberattack?

  A: The system is hosted in Microsoft Azure, which provides built-in redundancy, availability zones, and distributed denial-of-service (DDoS) protection. We implement defense-in-depth measures including network firewalls, identity and access ...

• Q: What level of security is applied for accessing the system from outside the internal network?

  A: Remote access is protected by Azure Active Directory (AAD) using modern authentication protocols (OAuth 2.0 / OpenID Connect). Access requires secure login with username and password, and is further protected by multi-factor authentication (MFA) ...

• Q: Are mechanisms such as multi-factor authentication (MFA), VPN, or certificates used?

  A: Yes. Remote access uses Azure Active Directory (AAD) with modern authentication protocols (OAuth 2.0 / OpenID Connect). All logins require username and password, and Multi-Factor Authentication (MFA) could be enforced. Certificates and conditional ...

• Q: We understand the system is hosted on Microsoft Azure and Amazon S3, with encrypted SSL communication and daily redundant backups. Could you confirm if this setup is still current and whether any changes are planned?

  A: The system is now primarily hosted on Microsoft Azure. Azure Storage is used as the main backup and file repository. SSL/TLS (minimum TLS 1.2) is enforced for all communications. Daily redundant backups remain in place, and no major infrastructure ...

• Q: How frequently are backups performed?

  A: Automated backups run daily for databases and virtual machines, with transaction log backups at shorter intervals where applicable. Configuration and infrastructure-as-code repositories are continuously version-controlled.