Azure Migration - UK/EEA - 2019 April
In the coming months, iOFFICE will be migrating remaining sites hosted at the Rackspace data center in London, England to Microsoft Azure in France. Microsoft Azure is a globally recognized leader in hosting enterprise-ready cloud solutions. Azure data centers not only meet and exceed the level of security currently available to our customers, but also provide some additional performance, reliability, and security features that are not currently available, such as data-at-rest encryption and geo-redundant backups. This migration will increase the security of your data while improving on the performance and availability you have come to expect from your iOFFICE site. See below for more information on Azure data centers and what you can expect in the months ahead.
What are the benefits of Azure?
Azure data centers offer the most comprehensive set of certifications and attestations of any cloud service provider, providing third-party confirmation of controls in place to protect your data. Refer to the following list of relevant certifications.
- CSA-STAR Certification: Gold level - The Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) assessment consists of three levels of assurance aligned with the control objectives in the CSA Cloud Controls Matrix (CCM). The CCM covers fundamental security principles across 16 domains to help cloud customers assess the overall security risk of a cloud service.
- ISO 20000-1:2011 - Certification that demonstrates Azure has the appropriate processes and procedures in place to deliver efficient and reliable IT services.
- ISO 22301 - Comprehensive standard that demonstrates the highest level of commitment to business continuity and disaster preparedness.
- ISO 27001 - Security standard formally specifying an Information Security Management System (ISMS) that is intended to bring information security under explicit management control. Compliance with this standard demonstrates that Microsoft uses internationally recognized processes and best practices to manage the infrastructure and organization that support and deliver its services.
- ISO 27017 - Code of practice designed for organizations to use as a reference for selecting information security controls when implementing a cloud information security management system.
- ISO 27018 - Code of practice for protecting personally identifiable information (PII) in the cloud. Azure was the first cloud provider to adhere to this standard.
- ISO 9001 - Standard that establishes the criteria for a quality management system, including a clear focus on meeting customer requirements, strong corporate governance and leadership commitment to quality objectives, process-driven approach to meeting objectives, and a focus on continuous improvement.
- In addition to the certifications listed above, Azure is compliant with a variety of regional privacy legislation, including the EU-U.S. & Swiss-U.S. Privacy Shield, GDPR, and PIPEDA among others.
As you can see, Azure data centers are committed to providing a secure and resilient infrastructure backed by internationally recognized controls. We are confident that Azure is the best place to host the iOFFICE application going forward.
Where will data be stored?
iOFFICE sites will operate out of the Azure France Central (Paris) data center with geo-redundant backups stored at Azure France South (Marseille).
What is data-at-rest encryption?
One of the main benefits of migrating to Azure is the availability of encryption at rest using transparent data encryption (TDE). TDE encrypts your site's data while stored on the database, in associated backups, and transaction log files. This encryption allows us to protect your data end-to-end, using TLS 1.2 protocol (soon to be 1.3) in transit and TDE in storage. For more information on TDE, click here.
What has iOFFICE done to prepare?
iOFFICE has spent considerable time and resources to ensure a smooth transition period for all of our clients. In addition to training key personnel on managing iOFFICE's infrastructure at Azure, we have performed quality assurance testing, report conversions, and performance testing as part of this process. We even moved the site used for iOFFICE HQ to Azure so we could perform real-world, in-house testing prior to attempting a client-site migration.
When will this transition occur?
iOFFICE will begin structured site migrations with advance communication and coordination with customers. Migration can begin as early as July 2019, with customers having the option to extend as needed to coordinate with compliance teams, meet contractual obligations, and confirm that we are ready to go from day one. Additional details about the timeline for your specific site will be communicated throughout the process.
What do we need to do to prepare?
The first and most important step is to alert IT and Security departments at your site to this change so they can review and approve as needed. The following steps must also be implemented prior to migration.
- Verify legacy reports are available in Insights. The Legacy Reports option in the submenu for a specific module will no longer be available after the migration to Azure. For example, the image below displays the Legacy Reports option in the Space submenu.
As a preemptive measure and part of the Azure migration in the United States, iOFFICE has already moved the most commonly used reports to the Insights module. Reports in the Insights module provide users with more flexibility than legacy reports allow, including the ability to customize your report, schedule reports to run at predefined intervals, and view multiple reports in a custom dashboard.
While this consolidation is all but complete, we ask that you search the Insights module for your required reports to confirm we did not miss one that is important to you. If you find one, please contact support so we can help you add it to the Insights module.
- Replace any remaining PDA devices in use. Support for legacy PDA devices such as the MC55a0 and MC75A will officially end with the migration to Azure. Ongoing development for these devices ended years ago; however, some of these devices may still be in use in the field. If you are using these devices, the devices must be replaced with supported iOS devices.
iPods and other iOS devices provide your employees with a faster, seamless, modern experience that they will certainly appreciate. As an added bonus, the apps are optimized for use on iOS devices, so you can expect continuous development and improvement.
- Update IPs. Please be aware that the IP used for communication between the iOFFICE application and the data center will be different at Azure. Customers will need to ensure that any firewall restrictions in place are updated to include the new IP addresses for the data center.
The new IP addresses will be communicated as we get closer to the migration date.
Here at iOFFICE, we work hard every day to provide our customers with best-in-class solutions to improve your employee experience and manage your facility operations. We believe that migrating to Azure will best position us to continue to grow with our customers while expanding on the performance and security of the iOFFICE application. If you have any questions or would like additional information on the planned Azure migration, contact your Account Manager.
Updated (7/24/2019): This article has been updated to reflect a change in the planned data center location. We had initially planned to migrate customers to Azure Germany; however, the available Azure data centers in Germany are not accepting new customers at this time. The plan has been updated to move to Azure France data centers for customers whose data should reside in the EEA.