Managing information system security is a priority for every organization. In fact, the level of security provided by software vendors has become a differentiating factor for IT purchase decisions. Quest strives to meet standards designed to provide its customers with their desired level of security as it relates to privacy, confidentiality, integrity and availability. This document describes the security features of On Demand Group Management, which includes access control, protection of customer data, secure network communication, and cryptographic standards.
About On Demand Group Management
On Demand Group Management is a cloud-based service on Azure, which provides group management services for Office 365 tenants and Hybrid Active Directory as a Service (SaaS) product solution. The core services provided are outlined in the following diagram.
Administrators can manage, browse, and search Office 365 groups.
Users can create or manage groups and distribution lists. All these processes are controlled by management approval workflow.
Administrators can manage and customize request approval workflow procedures for end-users who are requesting groups.
Users can periodically ensure their membership in the group or the group’s existence.
The portal has a suite of modern visualizations to interactively show analytical data.
Hybrid Active Directory
Administrators can manage, browse, and search groups within hybrid AD (also known as On-premises AD where AADC is enabled).
Users can manage Hybrid AD groups. All these processes are controlled by management approval workflow.
Administrators can manage and customize request approval workflow procedures for end-users who are requesting Hybrid AD groups.
Users can periodically ensure the membership in the group is accurate or the group existence is necessary.
The following schemes shows the key components of the On Demand Group Management configuration.
Azure datacenter security
Microsoft Azure datacenters have the highest possible physical security and are considered among the most secure and well protected datacenters in the world. They are subject to regular audits and certifications including Service Organization Controls (SOC) 1, SOC 2 and ISO/IEC 27001:2005. Relevant references with additional information about the Windows Azure datacenter security can be found here: