Security, Data & Continuity

Clear security and support responsibilities before software goes live.

Every Luminair project documents where information is held, who can access it, how the custom software is maintained and what happens if support later moves to another provider.

The questions directors and technology reviewers should be able to answer.

Data location and system boundaries

The project architecture identifies which information remains in systems such as Fin365, Xplan or SharePoint, what the custom application needs to process and where production services are hosted.

Identity and access

Client and staff access is designed around the agreed identity provider, multi-factor authentication where supported, role-based permissions and least-privilege production access.

Software protection

The agreed support arrangement covers encrypted connections, dependency updates, vulnerability management, logging, monitoring and independent testing where required.

Availability and recovery

Hosting, backups, recovery expectations, monitoring and incident responsibilities are documented for the selected architecture before launch.

People and providers

Authorised access, third-party providers and any overseas access are identified for the project rather than hidden behind a generic assurance.

Continuity and transition

Repository access, documentation, data export, support transition and treatment of reusable Luminair components are agreed in the project agreement.

Completing supplier due diligence?

Luminair can provide project-specific architecture, provider, access, support and continuity information or respond to your supplier questionnaire. Claims are matched to the proposed solution rather than made generically.