Platform Security

At Griffin31, we prioritize the highest standards of security to safeguard your data and ensure compliance with global regulations. Our security architecture is built on a foundation of trusted tools and practices, ensuring a robust and resilient system. Below are the key elements of our security framework:

Azure Cloud Compliance
Griffin31’s systems are hosted in Microsoft Azure, adhering to all industry-standard compliance requirements. This ensures that our infrastructure benefits from the security, scalability, and redundancy that Azure provides. 

Web Application Firewall (WAF)
To protect our web applications from common attacks such as SQL injection and cross-site scripting, we utilize a Web Application Firewall (WAF) that ensures continuous monitoring and blocking of suspicious activity.

Microsoft Defender for Endpoint and Defender for Cloud
Our endpoint and cloud security are fortified by Microsoft Defender. Defender for Endpoint protects user devices with real-time threat detection and automated responses, while Defender for Cloud continuously assesses our Azure environment, offering insights and proactive protection against emerging threats.

Mobile Device Management (MDM) with Intune and Endpoint Detection & Response (EDR)
We implement Microsoft Intune for mobile device management (MDM) and endpoint detection and response (EDR), ensuring that all devices accessing our network are secured and monitored. This enables us to enforce compliance policies, secure sensitive information, and respond swiftly to any detected threats.

Access Reviews and Role-Based Security
We perform regular access reviews to maintain proper control over who can access what within our systems. By adopting role-based access control (RBAC), we ensure that users only have the permissions they need, reducing the risk of unauthorized access.

Secure Development Practices
At Griffin31, secure development is a priority. We leverage industry-leading tools such as Ox Security or Bitbucket for secure code development and management, ensuring our product is built from the ground up with security in mind. Regular code reviews, vulnerability scanning, and continuous integration practices are applied throughout our development lifecycle.

Ongoing Security Training
Our team undergoes regular security training to stay updated with the latest threats and best practices. This ensures our staff is well-equipped to identify and mitigate risks at every stage of our product lifecycle.

ISO 27001 & SOC 2 Compliance (In Progress)
We are actively working towards ISO 27001 and SOC 2 certifications. These internationally recognized standards will validate our commitment to managing and securing customer data in line with the best practices in the industry.

Microsoft Sentinel for Threat Detection and Response
Microsoft Sentinel provides real-time monitoring, alerting, and investigation capabilities for potential threats across our entire environment. Its AI-driven analysis allows us to stay ahead of emerging security challenges and quickly respond to incidents.

Data Encryption
Data encryption is implemented across all layers of our system, ensuring that sensitive information is protected both at rest and in transit. This guarantees the confidentiality and integrity of your data, no matter where it is stored or how it is transmitted.

At Griffin31, security is not just an afterthought—it's built into everything we do. From development to deployment, we ensure that our systems are secure, compliant, and resilient against modern-day threats