Security Policy

This security policy should be applied to the creation of any new functionality developed by Great Ideaz for the TRELLIS architectural framework. We would recommend that any organization adopting DaaS take and adapt this policy for their own development team.

This section describes the high-level security policies that will be enforced throughout the enterprise solution architecture. Bringing together this policy information helps to ensure that the architecture provides defense in depth with overlapping security frameworks to minimize the possibility and severity of breach.

Authentication and Authorization

Microsoft Active Directory and Azure Active Directory

Network Perimeter
Internal
Physical Security
Infrastructure

Physical Equipment and Devices

Servers

Cloud – Azure

Applications
Users and Group Policies
Endpoints