
Templafy Tech Brief

 

About this Article

This article provides an overview of the technical stack used by Templafy. Templafy’s technology is a cloud-born SaaS platform. It has the flexibility to integrate into existing document ecosystems – whether on-premise or already in the cloud. Templafy integrates into Microsoft Office 2016/2019, Microsoft Office 365, and Google Workspace. It can be configured and customized to meet the needs of any organization in the world – no matter the size.

Templafy is the content enablement platform enabling businesses to align workforces and employees to create better performing business content, faster. Templafy boosts company productivity by introducing centralized governance to the document creation workflow.

 

Technical prerequisites 

 

 

Technology

 

Front-end: TypeScript, React, WPF

Backend: .NET, ASP.NET Core, VSTO

Hosting: Azure, Docker, Kubernetes (AKS), Web Apps, Azure SQL, etc.

Browser support

Microsoft Edge

Google Chrome

Mozilla Firefox

Apple Safari 

Cloud platform, security and scaling

The website and backend are hosted on Microsoft Azure Kubernetes and store data in Azure Platform as a Service (PaaS).

Microsoft Azure is certified with ISO 27001 and PCI DSS, among others.

For more information on Microsoft Azure security and compliance:
http://azure.microsoft.com/en-us/support/trust-center/

Microsoft Azure provides an SLA of 99,95% for Kubernetes (website and API) and 99,99% for data storage.

For info on Microsoft SLA:
http://azure.microsoft.com/en-us/support/legal/sla/

Scaling

Templafy uses Microsoft Azure Kubernetes automatic scaling of websites.
New instances are automatically spun up based on activity on the web server.
The database and Azure backend features are configured for performance.

Geofencing 

Templafy is hosted in multiple Azure Data Center regions:

One

  • North Europe and West Europe

Hive

  • West Europe and North Europe
  • East US and West US
  • Central Canada and Canada East
  • Australia East and Australia Southeast

Customers can request their tenant to be isolated to a specific region.

Data storage

Data are stored in SQL Azure. Files are stored in Azure Blob storage.

Both types of storage are considered highly secure and reliable (e.g. all data is saved on 3 disks and has geo redundancy to another data center within the geographical region).

Guest and data isolation

The Microsoft Azure backend ensures that no other Microsoft Azure customer can access our data.

Isolated data containers for each customer/client, with no direct access, and a web-based access control system ensure that a user can only see data for the customer for which the user is signed on.

A role-based system ensures that a user can only perform tasks in the system for which the user has been assigned privileges.

All controllers in the system have authentication filters to ensure guest isolation.

Encryption

All internal communication between server and client is SSL encrypted.

All data in transit is SSL (TLS) encrypted.

All data at rest is encrypted using Service Managed Keys (AES256).

Customer BYOK is not supported.

Open Source components

A selection of secure and qualified open source components is used and is constantly monitored for patches and security vulnerabilities.

Third party tools

A list of third-parties used during the provision of the service can be found at https://www.templafy.com/data-processing-agreement

Authentication

Any SAML2 based Authentication Service (e.g. ADFS, Ping Federate, OKTA, Airwatch, etc.)

OpenID Connect providers like Microsoft Entra ID

OAuth 2.0 based authentication providers like Google

SCIM

Single Sign-On

Templafy supports SCIM - read more here 

OpenID Connect via App in Microsoft Entra ID

ADFS, Ping Federate, OKTA, and SAML2

Open ID Connect

Protection

To find out more about our extensive security protections, see our AICPA SOC report: Service Organization Control Report on Controls Relevant to Security, Confidentiality, and Availability.

Logging

Customer tenant

  • Operations performed by users and administrators are logged in the activity log.
  • Last login is logged in the admin centre.
  • Successful and failed log-ins are captured client-side using the customer-elected identity provider.

Templafy internal monitoring

All requests to servers are logged for a minimum of 1 year, including any operations performed by privileged admins. These logs are monitored continuously using SIEM.

File types supported

docx, pptx, xlsx, pdf, jpg, png, svg. More file types are added continuously.

Ports used for communication between device and application

 HTTPS (443) port only
