Security at CiraHub

Cira Apps Ltd. takes user data security very seriously and has taken action to ensure user data is kept secure.

This page includes the following security topics:

    • CiraHub integration with Microsoft Azure.
    • How user data flows through CiraHub.
    • Additional CiraHub User Data Security Measures
    • Cira Apps data privacy policies.

CiraHub Integration with Microsoft Azure

CiraHub is registered with Microsoft Azure. It utilizes the Azure Consent Framework and will not store passwords. However, in situations where Azure Consent is not possible, CiraHub uses the Azure Key Vault. All subscriber data is kept within the Microsoft Cloud. With over 100 million active users on Microsoft 365 and more cloud security certifications than any other company, Microsoft Azure’s security is among the best in the world.

CiraHub Data Flow Architecture

  1. The user accesses the CiraHub dashboard to set up and manage CiraHub.
    NOTE: CiraHub lives inside the Microsoft Azure Cloud. The only endpoints that exist outside the cloud are the following:

    • The CiraHub dashboard, which is hidden behind the Cloudflare Content Delivery Network
    • Applications outside the Microsoft environment
    • User output devices such as smartphones.
  2. CiraHub utilizes a hub-and-spoke architecture to store and sync data as determined by the user.
     NOTE: Conceptually, CiraHub treats each user as spokes on a wheel. These Spokes are data endpoints that contribute data to a central Hub. Then, when two-way synchronization is manually enabled, the cumulative data is then pushed to each spoke.
  3. CiraHub utilizes a combination of EWS, Microsoft Graph API, and Powershell commands to push and pull data in and out of the hub.
  4. During the initial set up of the hub and spoke, two-way sync is not automatically enabled. The user must go into the individual settings for each spoke and enable it. This gives users control and filter the data that gets synced to the spokes.

Additional CiraHub Data Security Measures

The following tables describes the other data architecture measures taken by Cira Apps to ensure the that user data is safe and secure in CiraHub.

Dashboard Security is the only public internet endpoint. The dashboard is hidden behind the Cloudflare Content Delivery Network.

For most functions, CiraHub does not store passwords or ask for passwords.  Instead, CiraHub will use the Azure Consent Framework for mailbox access.

Furthermore, during the initial login of CiraHub, users will be redirected to the Microsoft Login page.

In situations where Azure Consent is not possible, CiraHub will use the Azure Key Vault to securely store passwords.

EWS Connection, Graph API

When CiraHub updates mailboxes in Microsoft 365, it uses HTTPS to connect with EWS. This EWS connection does not flow through the public internet.

If CiraHub is syncing and populating the GAL, it uses the Microsoft Graph API. Any and all security data handled by the Microsoft Graph API is sensitive and protected by Azure Active Directory delegated permissions and roles.

Subscriber and Licensing Information All subscriber and licensing information is stored in Azure SQL as a service and is only accessible from the dashboard and worker processes.
Data Caching

CiraHub workers cache sync configuration data received from the Microsoft Enterprise Applications into a secure database in the Microsoft Cloud.

All data cached by CiraHub can be voluntarily removed by the user through the CiraHub dashboard. Once a user decides to no longer participate in CiraHub, data owned by the user is erased.

Cira Apps Data Privacy Policy

Cira Apps gives users the choice of whether to provide information and what information is provided. In accordance with local law, CiraHub allows users to exercise certain controls and choices, such as the following:

    • Correct, update, and delete registration accounts tied to CiraHub. This includes all information that is cached by CiraHub.
    • Choose whether to receive promotional offers and targeted ads from CiraHub.

Personal Information is collected when users request products, services, or information from Cira Apps Ltd. This includes registering for a CiraHub account and participating in public forums or other activities on and any platform which permits us to interact directly with the users.

The collected information is used for the following:

    • Provide users with products, information, and services that are requested.
    • Communicate with users about their account and their transactions with Cira Apps Ltd.
    • Create and calculate anonymous statistical information to help improve Cira Apps Ltd services.

For more information on how Cira Apps Ltd. handles user data, read the Cira Apps Ltd. Privacy Policy.