Security & Infrastructure

Enterprise security, built on Microsoft Azure.

UK-hosted on Microsoft Azure. Tenant isolation at the data layer. Microsoft Entra External ID for authentication. AES-256 encryption, TLS 1.3, full audit logging.

Book a DemoRequest docs
Category 01

Access control

Microsoft Entra External ID

Identity managed via Microsoft’s enterprise identity platform. Federated SSO with your Microsoft tenant.

Multi-Factor Authentication (MFA)

Additional verification methods enforced via tenant policy. Available across all tiers.

Role-based access control

Granular permissions via the AccessMatrix. Users only see the dashboards and modules their role allows.

Session management

Automatic session timeouts and secure session handling, configurable per tenant.

Category 02

Data protection

Tenant isolation at the data layer

Each organisation’s data lives in a separate Microsoft Fabric lakehouse. No cross-tenant queries possible.

Encryption at rest

All stored data encrypted using AES-256 at the storage layer. Keys managed by Microsoft Azure.

Encryption in transit

All data transmission uses TLS 1.3. Front Door enforces HTTPS-only across every tenant subdomain.

UK data residency

Data stored in UK Azure regions. No cross-border data transfer for our standard tenancy.

Category 03

Audit & compliance

Comprehensive audit logs

Every meaningful change is logged with user, timestamp and reason. Available in the platform’s audit trail.

GDPR-aligned by design

Built with privacy by design. Data Processing Agreements available on request.

Configurable data retention

Retention policies per data type, configurable per tenant to meet your compliance posture.

Right to erasure

Support for GDPR data subject rights including deletion requests, with full audit trail.

Category 04

Infrastructure

Microsoft Azure

Hosted on Azure Container Apps with Azure Front Door, Microsoft Fabric OneLake for data, all UK-region.

Vulnerability management

Container images scanned, dependencies monitored, infrastructure-as-code reviewed before deploy.

Incident response

Documented incident response procedures and customer notification processes.

Business continuity

Regular backups, disaster recovery procedures and tested rollback patterns.

Documentation

Questions about security?

We’re happy to discuss our security practices in more detail, share our security documentation pack, or answer specific questions about how we protect your data. Drop us a line and we’ll respond within one working day.

security@aivii.co.uk →

Related

The platform

Three hubs, 130+ pages, multi-tenant, role-aware.

DfE Compliance

AAF, Provider Financial Handbook, funding rule alignment.

Audit Centre

Automated funding audit against DfE rules and DfE Audit Working Papers.

Ready to learn more?

Book a demo and we can discuss your specific security requirements alongside the platform tour.

Book a Demo