1. Data Security
1.1. The customer’s data never leaves the cloud service unless agreed with the customer.
1.2. All access to the customer server is enabled, logged and auditable using Azure controls providing GDPR and ISO27001 access and audit compliance over the customer data and customer service.
1.3. We apply user level access auditing of all support incidents. No generic access accounts exist or will be created.
1.4. No data ever leaves the geographically approved or designated zone, be that a national border ( i.e CANADA) or an integrated economic area ( i.e EU, USA, CA and AU).
1.5. Each geographic legal region has its own support servers which are not visible over the public internet.
1.6. The customer’s data is not visible to other customers, Mitrefinch Ltd users or networks.

2. Backup Security
2.1. The server is backed up using a proprietary Azure backup service and as such the data is inaccessible to either Mitrefinch Ltd or Microsoft personnel. Only in the event of restoration can a Mitrefinch Ltd IT personnel restore the machine into an Azure datacentre. This restoration will have the same security as the original server and no internet access by default. All restorations are automatically logged by the Azure management interface.
2.2. Backup failure status is monitored within the operations systems and give an instant ‘red flag’ if failure occurs.
2.3. An additional full SQL backup is taken each night and stored locally on the customer server. This SQL backup is sufficient to enable a complete restore if it was moved to a new server in the unlikely event of a catastrophic server loss.
2.4. From a Data Protection compliance perspective we only keep Azure and SQL backups for 30 days for each customer so if personal data is removed from your own TMS system it will automatically disappear from all active backups after 30 days. We do not recover or restore SQL backups for the purpose of re-instating accidentally deleted data within your TMS system.

3. Server Access Security
3.1. We never permit open RDP to the desktop from a non-specified internet address, a client device or unauthorised Mitrefinch Ltd personnel.
3.2. Mitrefinch Ltd enable RDP to the desktop for administration access from their support sites prior to logging on. A specific Mitrefinch Ltd IP address is given access for the duration of the ticket.
3.3. Mitrefinch Ltd’s administration environment is strictly controlled and protected by enterprise class two-factor authentication.
3.4. All named implementation accounts are disabled after the server is completed and handed over to the customer. No unauthorised or un-audited access to the server is achievable post-handover.
3.5. Access to RDWEB is via an active directory user account. The desktop operating system of a customer’s server is never given to customers and cannot be accessed directly, via RDP or RDWEB, even if the site has IP RDP permissions.
3.6. No direct RDP drive mapping is permitted by client or Mitrefinch Ltd personnel to the customer’s server.
3.7. When a customer wants to download report data from the TMS server they can use the built in IIS Directory browsing. This is locked to the active directory account for the company server and served on port 555. This port is IP locked to the customer’s site.

4. Monitoring and Security Controls
4.1. Active Anti-virus software is installed on all machines.
4.2. As part of the hosted management service Mitrefinch Ltd IT will apply all necessary operating system updates to the hosted servers. Non-critical updates become part of a standard quarterly update process. Updates are applied regularly and will require your server to be rebooted. A time window that is convenient to you and your business operations, generally out of your working hours, is agreed with you and is not considered part of the uptime SLA.
4.3. Critical update warnings, security incidents, CPU peaking, machine shutdown/crash, and disk capacity warnings are sent to the Mitrefinch Ltd IT team for all servers. These are given a high priority response by the team and resolved within your SLA.
4.4. Anonymised Performance and Usage data will be collected by Mitrefinch Ltd Limited to assist in the improvement of the solutions provided. The Mitrefinch Ltd telemetric system, in Azure, monitors and accumulates statistical data on the response time and performance of the application. This data is entirely anonymous and enables us to tune and improve the performance and reliability of the application.
4.5. Only RDP from Mitrefinch Ltd is permitted, HTTPS from the public internet (this can be locked to a customer site at the customer’s request) and FTP from a customer site. No other protocols are accessible.
4.6. As part of the service we perform penetration testing on active servers in the Azure cloud fabric. Any potential security issues are resolved in a timely manner based on the associated risk.

5. Service Limits
5.1. The standard quoted service includes a 10GB SQL Express database limit unless an upgraded SQL Standard server has been specified and quoted specifically by your account manager. If your data usage results in needing a larger than 10GB database then Mitrefinch Ltd will need to increase your service in accordance with the use of SQL Standard server. Mitrefinch Ltd will charge accordingly for this uplift.
5.2. Where a VPN is utilised an additional per monthly charge will be levied by the account manager for the server.
5.3. Each server is supplied with two RDWEB access accounts as standard. Each additional account will be charged for as a standard one-off fee. If the number of RDWEB accounts exceeds 5 then we will reserve the right to upgrade your server in order to meet the increase in resources that the additional RDWEB maybe generating.

6. Application Updates
6.1. Mitrefinch Ltd will undertake to maintain the security and version of your TMS. This will require periodic downtime. The period of updates will be agreed with you to ensure minimal disruption to your operating schedules. The downtime for updates of application and OS are not considered within the SLA. We reserve upto 4 hours for an application update.
6.2. Application updates will be deployed according to your agreed maintenance and/or subscription package.