Security

IAM Cloud is ultimately an IT security company that specialises in identity and access management. With this comes all of the state-of-the-art encryption technology and security procedures to ensure that all of our customers’ data is extremely safe and secure. In fact, we’re fortunate to have some of the best security people in the world of identity management in our team. Consequently, IAM Cloud has become a trusted Microsoft Gold Partner, with hundreds of large highly respected customers and over 3.5 million users.

Examples of our security precautions
We encrypt customers’ data with their encryption key, followed by our encryption key, and then only transmit information via encrypted channels. When that data is in transit an attacker would have to break through three layers of high encryption.

So, what happens if a solution stores passwords along with your user accounts in memory? Your system can be compromised by defects in core technology. Our passwords are never in memory at the same time as other account information. We write over the blocks in memory when we are done with them, instead of just freeing them for other applications. We don’t use open source technology to encrypt data or transmissions. We employ cryptography experts to write our routines. We then hire third parties attempt to crack our code and break in to our networks. There’s a reason we call our data store our Vault – it’s been designed and built from the ground up to keep unauthorised persons out.

Security beyond technology
A secure system requires that controls are in place to mitigate risk and that processes and policies around data access are enforced. We require strong passwords for every piece of technology that connects to any of our systems, regardless of the inconvenience it causes or the role of the individual who uses it. We ensure everyone in our business conforms to the very best in security practice.

All of our data and code live within Microsoft’s ultra secure Azure data centers. Not only are these highly secure against physical and digital attacks, Microsoft obfuscates the physical machines that the data are held on from those who work there, so there is no risk of an internal breach.