Soundbite is a SaaS platform for recording, listening, and distributing text, audio, and video in enterprise communications scenarios. It’s a combination of secure platform (back-end), client SDK (front-end), and vertical-focused communications applications that deliver intrinsic value to our customers.
Soundbite is built with a decade of enterprise class cloud technology knowledge, an approach emphasizing defense-in-depth, and the security backing of Microsoft.
Our “born-in-the-cloud” approach is focused on leveraging the best-in-breed Azure features to deliver scalability and security.
Active Directory (AD) provides authentication, authorization, and group metadata to Soundbite via Microsoft Graph. This means a user’s Microsoft identity is conveniently the same for Soundbite as when they are accessing Office 365.
GDPR AND DATA SOVEREIGNTY
When you on-board with Soundbite, you will select compliant regions from Azure’s ever-growing list of locations, including a safe fallback location for Geo-redundancy of their SQL Database. This ensures you are in control of the jurisdiction for your data.
SINGLE TENANT STORAGE
Storage accounts (Table and Blob) and SQL instances are one-per-organization, providing data segregation for each customer.
Storage accounts (Table and Blob) and SQL instances are encrypted at rest and in transport. Connection strings and other keys are stored either securely in the service itself or centralized into Azure Key Vault
This data is handled using best practices, including not storing where possible, anonymizing where possible, encrypting always, and ensuring more than one component of the system must be compromised before the information would be human-readable
FAULT TOLERANT AND REDUNDANT
SQL databases are geo-redundant with a secondary in another region (except where prevented by data privacy) and support 30-day point-in-time restore with a long-term retention policy for 3 years.
For more information of Microsoft’s approach to security, privacy, compliance, and transparency in their cloud services, please visit the Microsoft Trust Center. For a full list of compliance capabilities in Microsoft Azure that are harnessed by Soundbite, including operations on Government Regions, check out Microsoft Azure Compliance.
While our chosen use of largely managed services and PaaS capabilities means individual hardware failures are abstracted away, it’s still possible for a whole tenant or region to be impacted due to catastrophe.
In this event, we have the following recourse:
Active monitoring on the applications and of Azure itself to immediately alert Soundbite support and DevOps to any disruption of service.
Backup, versioning, and retention such that we maintain point-in-time restore for 30 days with long-term retention of 3 years.
A detailed remediation plan to diagnosis and recover both tenants and regions based on an understanding of their components and configuration.
A detailed recovery plan that, in the event of outage, corruption, or loss, enables restoring tenants or regions from backup.
A process for automation restoration and migration of a tenant instance in the event a tenant is corrupted or lost in a process taking less than 4 hours.
A process for automated restoration and migration of all tenants in a region to another operable region in the event an entire virtual datacenter fails to come back online in 24 hours.