Data Security


Data security is paramount. vGIS relies on security-centric architecture and multi-layered security provided by Microsoft across all physical datacenters, infrastructure, and operations in Azure. Best-in-industry physical security of Azure datacenters, threat detection monitoring, data encryption and physical separation of system components—these are just a few of the many elements that vGIS has put in place to ensure the security of your data.

vGIS works with federal agencies and companies that provide critical infrastructure , which necessitates frequent security reviews and compliance with best-in-class security practices.

vGIS has developed several models for accessing and processing the data of our clients.

Data Handling Options

Persistent Model

Under the persistent-integration model , the vGIS data-processing component prepares and securely caches partial data at the edge of the cloud. The data can be accessed only by authenticated devices, and necessary security checks are performed for every data request. The data cannot be accessed directly or accidentally, ensuring security. Persistent integration speeds up data delivery and increases the system’s reliability.

Real-Time Model

Real-time integration is designed for high-security environments. Under the real-time configuration, vGIS acts as a pass-through system without storing or keeping any of the client’s data or residual data. To maintain an audit trail, the system records who has accessed data, from where, when, and how so that the company’s administrators can review all data requests for validity.

Private Cloud

The private Azure cloud model was created to combine the best of the persistent model with the peace of mind of having data reside behind the client’s own firewall. vGIS is deployed in the client’s private Azure tenant, and the client retains full control over the infrastructure, the data, and the data flow.

 

Data Access Options

vGIS supports many data access options in order to fulfill the diverse requirements of different organizations.

Public URLs

Much of the data in a public infrastructure is already publicly available. vGIS supports the public URL model for accessing such data because it eliminates the need for complex and unnecessary security models. vGIS consumes the information that the client has chosen to make available to the public.

Password-Protected URLs

Password-protected URLs are a common method of controlling access to data. vGIS integrates natively with security models that utilize password-based authentication, including Esri ArcGIS password-protected URL for ArcGIS Online, ArcGIS Enterprise, and Bentley iTwin.

Token-Protected URLs

Some Esri ArcGIS clients prefer to use tokens with an expiration date to secure their data. vGIS offers full support for token-protected URLs and token-based authentication.

Active Directory (AD)

Enterprises and large organizations often rely on LDAP authentication and LDAP-controlled security policies to control access to multiple enterprise systems, including BIM and GIS repositories. vGIS supports enterprise integration with Active Directory (AD) authentication and reverse-proxy setup for data access.

Custom

Occasionally, vGIS clients support unconventional authentication models. The vGIS system is designed for flexibility and can work with unique authentication requirements.