Data protection controls

Last updated July 2, 2026

The following controls are implemented as standard across all engagements:

Control Implementation
Encryption at rest AES-256 via platform-native services (e.g. Azure Storage Service Encryption, Azure Disk Encryption)
Encryption in transit TLS 1.2 minimum enforced across all data transfers and API communications
Backup & recovery Automated backup schedules with geo-redundant storage options within Australian regions; recovery point and time objectives defined per engagement
Data retention Retention policies configured to meet your regulatory requirements; data securely deleted on engagement completion or as directed
Data classification Classification framework applied at project inception so sensitive, confidential and public information are each handled appropriately
Key management Platform-managed or customer-managed keys via Azure Key Vault or equivalent, depending on your requirements

Every one of these is configured to your requirements rather than a one-size-fits-all default — data residency and classification are documented and validated during project inception.

Still need help?

Can't find what you're looking for? Get in touch with our support team.