InfoSec for Ascend Services
Where is data stored
All data for Ascend Services, including the wildlife recording service, is stored on Azure, the Microsoft cloud platform. More specifically, the user created data such as recording items and wildlife monitoring/obstacle drawings, are stored in the Azure Blob/Table Storage.
Microsoft Trustcenter
Information about certifications of the Azure account can be found on https://azure.microsoft.com/en-us/overview/trusted-cloud/
IdentityServer
All identity information for the ascend service is protected using best practice for salting and hashing of passwords – no passwords are stored in plain text, and users will always have to reset their passwords in case they loses it.
Identityserver is used for leveraging identity and access control for the modules and portal on the ascend service, which is openid connect certified and can be found on https://identityserver.io/
Azure Keyvault
For sensitive and confidential information related to database and storage access, the Microsoft azure Keyvault is used and can be found on https://azure.microsoft.com/en-us/services/key-vault/
Sensitive confidential information and deployment credentials are never stored in code.