Adonis Cloud, the current situation

Owned by Halvard Meijer
Last updated: Apr 15, 2022 by Per Ove Kviteberg

The Russian attack on Ukraine has created concern with a number of our customers regarding the data protection and data security in our hosted Adonis Cloud environment, built on Microsoft Azure. The purpose of this article is to assure our clients that the current situation is not adding any risk for the protection of their valued data.  

 

Note: Adonis and Adonis Staff covers Adonis AS in Norway, all of our affiliated service providers, and the respective staff members. 

General 

Our customer agreements around data security and GDPR remain in effect as usual. The company has heightened it’s alert status on reducing risks and preventing threats, maintaining full attention in our daily operations as well as keeping it on the agenda for each board meeting. 

 

Hosting sites 

Your data is located in one of the following three Microsoft Azure locations: 

Europe: Azure Data Center, Amsterdam, Europe 

Asia: Azure Data Center, Singapore, Southeast Asia 

Americas: Azure Data Center, Washington, West US 2 

The sites mentioned above are the only permanent hosting sites for customer data. 

Adonis Cloud is a single tenancy platform, meaning that each customer has its own independent database and instance of the software. Several environments may have been created for various purposes like production, test, training, development, etc. This is always based upon separate requests and agreements made with the individual customer. 

 

Data download, upload, and sending 

Adonis staff does not download customer databases from the Adonis Cloud platform.  

No customer data extracts/files are downloaded or exported to any other site, except when it is especially agreed with the customer. This is normally for data cleaning purposes related to ongoing implementation projects, when files containing the customer’s personal data may, on an ad hoc basis, be transferred between Adonis cloud and other environments under the control of Adonis. Such transfers are always done through secure, encrypted channels. Adonis has solid procedures in place for permanent deletion of such data after they have served their purpose. 

Customers may, from time to time, send files or screenshots by email that may contain sensitive information across to our ticketing system, which is ConnectWise, located in the US. Our Support staff is continuously on the lookout for such incidents and informing the users on the importance of using secure channels and garble screenshots that are displaying sensitive information. 

 

Access to customer data 

Only specifically assigned support and service personnel may be given access to customer data. This relates to support work, regular maintenance, and upgrade of the software. The following table provides an overview of the current situation with our staff located in Ukraine and Russia. 

Company 

Access 

Adonis Soft LLC, Russia 

No access to Adonis Cloud’s Azure environments 

Adonis Development and QA LLC, Ukraine 

No access to Adonis Cloud’s Azure environments 

Adonis Project LLC, Ukraine 

Periodical access to Adonis Cloud’s Azure environments 

Adonis Kharkiv LLC, Ukraine 

Permanent access for selected positions/persons to Adonis Cloud’s Azure environments 

 

 

Database Scrambling 

Adonis has developed sophisticated tools that enable us to scramble a database for all sensitive personal information and leave it with dummy names for personnel, vessels, departments, etc., making it impossible to retrieve any sensitive information from the database. Read more about GDPR Pseudonymization plug-in

This is used for customers who wish to maintain systems outside the production platform, such as training and testing. The scrambled databases are also used by our support, test and development teams. 

 

 

 

New Services 

Taking into consideration the special situation and uncertainty created by the war, Adonis has decided to offer our Adonis Cloud customers extra services that will reduce the risk of compromising sensitive information.  Our customers have now the option to limit further or block access to their systems, as follows: 

  1. Full Block 

This will set No Access for all Adonis Staff, except the Adonis Cloud Administrator, to all customer databases that contain sensitive data. The client may authorize access granted to specific functions in Adonis (restricted to those outside Ukraine) from case to case. 

 

  1. Partial Block 

This will set No Access to all Adonis Staff located in Ukraine. Standard role-based access is given only to personnel outside the region. From case to case, the client may authorize access to specific functions within Ukraine. 

The administration of these optional services will create some overhead costs that will be billed together with the subscription fee as long as the service remains in effect. 

An electronic booking form will be made available.