We understand that for you—our enterprise customer—to realize the benefits of the cloud, you must be willing to entrust your cloud provider with one of your most valuable assets—your data. If you invest in a cloud service, you must be able to trust that your customer data is safe, that the privacy of your data is protected, and that you retain ownership of and control over your data—that it will only be used in a way that is consistent with your expectations.
Our long experience providing solutions & services has involved extensive investment in foundational technology that builds security and privacy into the development process. Over time, we’ve developed industry-leading security measures and privacy policies, and participated in international compliance programs with independent verification of how we measure up.
Security: We keep your customer data safe
Semifly has leveraged its decades-long experience building enterprise software and running online services to create a robust set of security technologies and practices. These help ensure that our solution, services and infrastructure are resilient to attack, safeguards user access to the appropriate environment, and helps keep customer data secure through encrypted communications as well as threat management and mitigation practices, including regular penetration testing.
Managing and controlling identity and user access to your environments, data, and applications by federating user identities to Azure Active Directory and enabling multi-factor authentication for more secure sign-in.
Encrypting communications and operation processes. For data in transit, we use industry-standard transport protocols between user devices and our datacenters, and within datacenters themselves. For data at rest, we offer a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.
Securing networks. We provide the infrastructure necessary to securely connect virtual machines to one another and to connect on-premises datacenters with Semifly Cloud VMs. We block unauthorized traffic to and within our datacenters, using a variety of technologies. Cloud Virtual Network extends your on-premises network to the cloud through site-to-site VPN.
Managing threats. To protect against online threats, we use and offers Microsoft Antimalware for cloud services and virtual machines. We also employ intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics and machine learning tools to help mitigate threats to the Azure platform.
Privacy: You own and control your data
For more than 10 years, Semifly has been a leader in creating robust online solutions designed to protect the privacy of our customers. Our time-tested approach to privacy and data protection is grounded in our commitment to organizations’ ownership of and control over the collection, use, and distribution of their information.
We strive to be transparent in our privacy practices, offer you meaningful privacy choices, and responsibly manage the data we store and process. One measure of our commitment to the privacy of customer data is our adoption of the world’s first code of practice for cloud privacy, ISO/IEC 27018.
You own your own data. With Semifly, you have ownership of customer data—that is, all data, including text, sound, video, or image files and software, that are provided to Semifly by you, or on your behalf, through the use of our Cloud. You can access your customer data at any time and for any reason without assistance from Semifly. We will not use customer data or derive information from it for advertising or data mining.
You are in control of your data. Because the customer data you host on Semifly cloud belongs to you, you have control over where it is stored and how it is securely accessed and deleted.
How we respond to government and law enforcement requests to access data. When a government wants customer data—including for national security purposes—it must follow the applicable legal process, serving us with a court order for content or a subpoena for account information. If compelled to disclose customer data, Semifly will promptly notify you and provide a copy of the demand, unless legally prohibited from doing so. We do not provide any government with direct or unfettered access to customer data except as you direct or where required by law.
Transparency: You know how your data is stored and accessed, and how we help secure it
Semifly Azure is built on the premise that for you to control your own customer data in the cloud, you require visibility into that data. You must know where it is stored. You must also know, through clearly stated and readily available policies and procedures, how we help secure your customer data, who can access it, and under what circumstances. And don’t take our word for it: you can review the third-party audits and certifications that confirm that we meet the standards we set.
Compliance: We conform to global standards
Semifly meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, SOC 1/2 and PCI, as well as country-specific standards.
Rigorous third-party audits, verify our adherence to the strict security controls these standards mandate. As part of our commitment to transparency, you can verify our implementation of many security controls by requesting audit results from the certifying third parties.
When Semifly verifies that our services meet compliance standards and demonstrates how we achieve compliance, that makes it easier for customers to secure compliance for the infrastructure and applications they run in Semifly.