Demonstrating our security commitment to our clients
At Avanade, we understand the global threat landscape is evolving in complexity with an increasing number of attacks. Countries are quickly developing regulatory and compliance requirements to better protect the data and privacy of companies and citizens.
Avanade invests in security and privacy throughout our business because we understand the value of information assets and how critical they are to the success of your business. It is vital to us that you can trust that Avanade understands the unique security risks and concerns that can accompany new business solutions as we have been implementing business solutions for over 20 years.
“At Avanade, we’re deeply committed to protecting our clients’ data security and privacy. We invest significant resources in our people, processes and technologies to protect our clients.”
Security trained and capable workforce
Our people go through mandatory annual training on Information Security. Avanade's Security Essentials programme includes compliance courses that increase security awareness and secure behaviour adoption through the completion of interactive learning activities.
Additionally, all Avanade personnel are required to pass specific training courses, including safe information security practices, Client Data Protection (CDP) training, understanding data classification and applying Avanade’s Code of Business Ethics (CoBE).
Avanade client delivery requires a two-part CDP programme:
- A risk assessment to determine where the client's risk lies in relation to the project
- A mitigation phase that uses a Client Data Protection plan comprised of 35+ control categories and operated by the project team
Designed to meet Avanade’s security commitments
Avanade continually invests in information security-enabled capabilities to mitigate risks and meet our obligations to clients.
The Office of the Chief Information and Security Officer is heavily invested in ensuring our client solutions address information security concerns to help safeguard client data and privacy.
We build security to your requirements
We operate an Information Security Management System (ISMS) to apply practices and guidance in managing our risks as a trusted provider.
Our Business Continuity Management (BCM) efforts work to manage risk to ensure resiliency, continuity and availability of our business operations. Avanade’s BCM follows the lifecycle defined by the Business Continuity Institute (BCI).
As certified Azure Expert Managed Service Providers (MSPs), you can be sure that you’re working with a trusted advisor that will offer you repeatable, highly automated solutions that enable and support hyper-scale cloud implementations in a secure way.
We also have ISO/IEC 27001:2013, ISO/IEC 27701:2019, and Cyber Security Essentials (UK) certificates for information services, information systems, personnel, and data associated with or supported by Avanade’s internal corporate functions, Avanade’s Client Data Protection (CDP) programme, and Avanade’s Cloud Managed Services (CMS) business unit. We are working to attain TISAX certification in Germany to support the local auto industry and TrustMark certification supporting Singapore local government clients.
This includes using providers and vendors that have appropriate attestations for their business operations (as an example, by seeking evidence of certified ISO 27001 and ISO 27701 programmes and/or SSAE16 SOC1 and SOC2 annual audit reports).
Integrated risk program with ServiceNow
Learn how Avanade connected and automated GRC processes, creating up-to-date visibility of its compliance status, accelerating and strengthening its risk responses, and significantly reducing the demands on its previously overworked GRC team.
Threat detection and security automation with Azure Sentinel
Avanade now has integrated data, improved automation, and fred up its IT staff to focus on value-add projects—all while maintaining a commitment to its clients.
MS Insider Risk Management to lessen insider risk
Learn how Avanade deploys Insider Risk Management with ease, creating collaborative security and threading effective risk management through the ecosystem.
We know the Microsoft ecosystem
Avanade has unparalleled expertise with Microsoft products, technologies and solutions, and we leverage that experience to advise you on the geographic data privacy obligations and security control requirements where you do business. This includes the international, regulatory and industry-specific compliance standards.
Our deep understanding of how these technologies can be implemented on a practical level can help you maneuver in the global data security and privacy regulatory landscape. Our proven expertise includes:
- Microsoft Global Alliance SI Partner of the Year for the 15th time
- 25,000+ certifications in Microsoft technology
- Ranked No. 1 globally among Microsoft partners for both the number of Azure and Office 365 certified professionals
- Microsoft Azure Preferred Partner
- Sitecore’s first and largest Global Platinum Partner
- 10 mil+ Office 365 seats deployed; more than any other partner
- Proven Microsoft Cloud expertise on the Azure cloud and the Hybrid cloud
- Managed over 10,000 major projects for more than 4,000 clients worldwide
- 100+ Microsoft partner of the year awards
- We have 32,000 Microsoft Gold certifications in all 18 categories.
- 40,000 skilled professionals with diverse backgrounds, 32% of whom are women
- No. 1 in number of .NET certified professionals and 25+ MVP awards
- Microsoft Security 20/20 Partner Award Winner for Security Advisory of the Year in 2020