Security & Compliance

Security and data protection in design

Q: How does ahead access my company data?

ahead was designed to work optimally with the customer s M365 environment. For example, the ahead search will find documents that are stored in SharePoint Online (MS Teams) and for which the logged-in user is authorized to see them. For more information, see: How does ahead access my company data and how is it used?

Q: What security measures are used against malware?

Microsoft s security recommendations for Azure Web Apps are followed where appropriate. See the sections Identity and Access Management , Data Protection and Monitoring at: Microsoft Security Recommendations for Azure Web Apps. This includes in particular: HTTPS only, TLS 1.2 only, no anonymous access, disabled FTP, Microsoft Defender protection and monitoring. In addition, ahead uses Microsoft Defender for Cloud.

The privacy and data security of our customers and their employees are our top priority.

Data location

ahead is a modern SaaS application and is operated in Microsoft's data centers. Microsoft's data centers are managed according to the highest security standards (more about Microsoft Compliance).

The following locations can be selected:

Western Europe
Switzerland

Ahead Security Compliance Microsoft Azure

Processing of personal data

ahead offers GDPR-compliant data processing agreements (DPAs). ahead has DPAs with any sub-processors that process personal data.

Data processing agreement (DPA) - GDPR

ahead offers GDPR-compliant data processing agreements (DPAs).

Documents

Sub-processor

You can find more information about our sub-processors and the hosting location on our sub-processors page.

Contact

Back

We always enjoy talking to you

Let's talk

+41 (0)58 329 31 00
support@aheadintranet.com
Address
Schanzenstrasse 4c 3008 Bern, Switzerland

C./ Trafalgar 6, 2a planta 08010 Barcelona,
Spain

Send a message

Contact to arrange an appointment

Open contact page

We are happy to answer your questions

Help Center

Contact to arrange an appointment

Back

Send a message

Contact to arrange an appointment

Book a demo for more information

Find out how the AI-based intranet app simplifies internal communication, positively shapes the corporate culture and increases employee productivity.

Watch demo

FAQ Security & Compliance

We answer your questions about security

Do you have 27001 certification?

YES, our software operator, Microsoft Ireland, has all the relevant certifications, including ISO 27001 certification (see also https://learn.microsoft.com/de-de/compliance/regulatory/offering-iso-27001).

Is there an ADV, order data processing contract?

Yes, we will be happy to provide you with the contract.
The ADV also describes the information security management system with the corresponding technical and organizational measures, which are made transparent to the customer as part of a data processing contract.

How does ahead access my company data?

ahead was designed to work optimally with the customer's M365 environment. For example, the ahead search will find documents that are stored in SharePoint Online (MS Teams) and for which the logged-in user is authorized to see them.

For more information, see:
How does ahead access my company data and how is it used?

What security measures are used against malware?

Microsoft's security recommendations for Azure Web Apps are followed where appropriate. See the sections "Identity and Access Management", "Data Protection" and "Monitoring" at:
Microsoft Security Recommendations for Azure Web Apps.

This includes in particular: HTTPS only, TLS 1.2 only, no anonymous access, disabled FTP, Microsoft Defender protection and monitoring.

In addition, ahead uses Microsoft Defender for Cloud.

Which system accesses are logged?

Using Application Insights, all requests from ahead users are stored and are available for 90 days.

What happens to my data when the collaboration ends?

All data will be deleted or made available to the customer in a commonly used format. The complete deletion will be confirmed in writing.

Which encryption is used?

SSL encryption with SHA265. The data is also encrypted accordingly in the Azure data centers: https://www.microsoft.com/en-us/trust-center/privacy#office-SecondaryMessaging-1d3to98.

Infrastructure and hosting

Customers can choose between hosting Switzerland and EU hosting (both Microsoft Azure).

Penetrationstests

ahead commissions an external penetration tester to carry out independent penetration tests on a regular basis. After signing a confidentialityagreement, we are happy to make the results available to the customer.