Cloudiway Security: Data Protection, Compliance, and Infrastructure

Overview

Cloudiway implements comprehensive security measures to protect your data during migration. Built on Microsoft Azure infrastructure with SOC 2 Type 2 certification, the platform ensures security, availability, and confidentiality at every step.

🛡️

SOC 2 Type 2 Certified

Validated by Deloitte

Security

Availability

Integrity

Confidentiality

Privacy

Infrastructure & Hosting

Cloudiway operates 100% on Microsoft Azure infrastructure, leveraging Microsoft's world-class security certifications and data center protections.

Microsoft Azure

100% hosted on Windows Azure with Microsoft's enterprise security framework.

SOC 2 Type 2

Third-party audit by Deloitte validates security, availability, and confidentiality controls.

Trust Principles

Cloudiway implements five core trust principles aligned with industry standards:

🔒

Security

Physical and logical unauthorized access prevention

⏱️

Availability

Committed operational uptime for all services

✓

Processing Integrity

Complete, accurate, timely, and authorized system processing

🔐

Confidentiality

Information classified and protected per agreements

👤

Privacy

Personal data collected, used, and transferred as committed

Data Protection Measures

Encryption

HTTPS Encryption

All data transmitted between Cloudiway and users is encrypted via HTTPS, including communications with Google Workspace and Office 365.

AES 256 Encryption

User-defined connector credentials are stored encrypted using AES 256 encryption.

Password Hashing

Platform passwords use non-reversible hashing for maximum security.

Backup Policy

Daily backups occur via Windows Azure infrastructure with monthly restore testing to ensure data recoverability.

No Data Storage

Cloudiway never stores your mail, file, or site data. The platform acts as a secure conduit for data transfer. The only exception is Lotus Notes migrations which require temporary data staging.

Data Retention & Deletion

Automatic Data Destruction

Inactive projects (90+ days) trigger automatic data destruction. Three advance notifications are sent before deletion.

Manual Deletion

You can manually delete projects via the project interface. Data remains accessible for up to 10 days before permanent removal.

Audit & Compliance

Cloudiway maintains comprehensive audit trails for accountability and compliance verification:

User login activity tracking
Configuration change documentation
Migration activity logs
Compliance verification records

Cloudiway Security

Overview

SOC 2 Type 2 Certified

Infrastructure & Hosting

Microsoft Azure

SOC 2 Type 2

Trust Principles

Security

Availability

Processing Integrity

Confidentiality

Privacy

Data Protection Measures

Encryption

Backup Policy

No Data Storage

Data Retention & Deletion

Automatic Data Destruction

Manual Deletion

Audit & Compliance

Related Articles

Was this article helpful?

We value your feedback

I didn't find what I was looking for

I have a suggestion

Request an improvement

General feedback

Thank you!

Essential

Analytics

YouTube Videos