This article gives you an overview of Decisions architecture and security features and how they work to align with your Office 365 tenant and policies.
Decisions is built on top of Microsoft Office 365 and the Microsoft Graph. For you, that means that all files, meetings, users, tasks, etc. are stored, secured and managed in your existing Office 365 tenant. To further ensure that your data is only transferred between your end-users' devices and your Office 365, Decisions is built as a Single Page Application (SPA) that runs in a browser sandbox on the end-users' devices and communicates directly with your Office 365 tenant.
The reason for designing Decisions in this way is to make sure you remain in control of your data and to align with your existing security policies.
Decisions integrates with our customer's Azure AD for authentication. This means that you are in full control through your Azure AD with regards to password policies, multi-factor authentication, conditional access policies, which users are allowed to use Decisions, etc.
Decisions also allows guests (persons not members of your organization) to be invited to meetings. Guest users are managed in Azure AD through its guest feature. This means that if you don't allow guests to be invited into your organization, or you have some partial restrictions on guests, those will apply to the use of Decisions, too.
In addition, Decisions only requires delegated permissions for the Microsoft Graph. This means that Decisions always runs in the context of a signed-in user, and the permissions that user has in your Office 365 tenant. See Decisions Microsoft Graph permissions explained for more details on what permission levels are needed.
This also means that no Decisions employees have access to your data.
Decisions is built on top of Microsoft Office 365 but also has Decisions-specific services hosted on Azure. The Office 365 hosting options are managed by you for your Office 365 tenant. As all customer data is stored in Office 365, data managed in Office 365 through Decisions will also follow those configurations.
For the resources hosted in Azure, Decisions uses a combination of stateless global services such as Azure Front Door and Azure App Services, but also data storage services such as Azure Storage, Azure Cosmos DB and Application Insights. Decisions databases are deployed to GDPR compliant Azure regions.
As Decisions is built on top of Office 365, all of your data is kept in services such as Microsoft SharePoint, Microsoft Planner and Microsoft OneNote. Decisions Azure services are used to maintain a database of object relations for objects such as meeting agendas, decisions, tasks, presenters, etc. specific to Decisions. Note that Decisions only stores references (object id's/guides) to data in your Office 365 tenant, not the data itself.
To summarize, the categories of persistent data Decisions deals with are as follows:
- Customer's Office 365 tenant: user accounts, files, calendar events, tasks, notes, etc.
- Decisions database: references to data stored in customer's Office 365 tenant
- Application Insights: metadata about application usage and health
This also means that even without the Decisions application, you still have access to all your data through Office 365 services such as Outlook, SharePoint, Planner and OneNote.
Data in transit is secure using HTTPS/TLS.
For encryption at rest, you are responsible for managing the level of encryption in your Office 365 tenant. Please refer to Microsoft's documentation on Office 365 encryption.
Decisions uses both Azure Storage and Azure Cosmos DB for data storage and leverages their respective built-in features for encryption at rest.
Office 365 security and compliance
As Decisions stores all customer data and user accounts in the customer's Office 365 tenant, all existing security and compliance features are utilized. Please refer to Microsoft documentation for more details on the security and compliance features, which is part of your Office 365 subscription.
For any additional questions, please contact support.