Skip to content

Intranet security and compliance

Worry-free intranet security ​

Igloo is hosted in the industry-leading Microsoft Azure cloud and offers the highest standards of compliance and security at all levels. From guaranteed uptime to regular third-party vulnerability testing, we’ve got you covered.

Hosting

Private Azure Cloud

Igloo digital workplaces are hosted on a private Microsoft Azure cloud infrastructure – the industry leader with 90+ compliance offerings. The facilities are SSAE 16 (SOC 1, SOC 2 Type II) and ISO 27001 compliant.

Hosting options

We offer a multi-tenant or single-tenant solution to meet your needs, and we can host your data in either Canada or the U.S. with a guaranteed uptime of 99.9%.

Disaster recovery

We provide each customer with a disaster recovery plan to protect critical data. Our response plan includes protocols for impact assessment, backup and recovery, and customer notifications.

Data backups

We provide complete data backups across redundant primary and secondary site servers with additional service options to meet your requirements.

Platform security​

Architecture

The Igloo platform is cloud-native, and leverages the Microsoft stack, including the highly secure .NET framework.

Data encryption

At rest, data is encrypted with (minimum) AES-256 (FIPS 140-2 compliance). In transit, all connections to Igloo are secured via SSL/TLS, earning us an A+ rating from Qualys SSL Labs.

Mobile application

The Igloo mobile app offers two options for authentication: Igloo Authentication (including LDAP authentication) using login and password; and SAML authentication.

Third-party testing

Igloo’s platform, processes, and networks regularly undergo third-party audits including vulnerability scans, intrusion detection monitoring, and penetration tests.

Perimeter defense

We apply an array of strategies to secure the environment and data, including firewalls (Network Security Group); antivirus/malware; DDoS avoidance/prevention; and DNS private resolution.

Authentication & user management

Igloo keeps things simple for end-users through native sign-in and SSO with SAML, and we keep things safe for companies by assigning overall control to IT or any other designated site owner. Igloo also supports LDAP, AD, and IdP like OKTA and OneLogin. Simple to use, but completely secure.

Privacy compliant in North America and the EU

  • European Union: GDPR
  • Healthcare: HIPAA
  • California: CCPA
  • Canada: PIPEDA

Corporate governance mandate

We follow industry best practices for corporate governance with an aim to meet or exceed regulatory requirements. In addition to internal NDAs, we perform background checks of IT and development staff, and our software development lifecycle incorporates Microsoft SDL and OWASP recommendations so that security is at the root of everything we build.

Get started today

Learn more about how Igloo can meet your security needs while offering a seamless end-user experience.