Security & Compliance

Security is built into how Dr Migrate collects, transmits and stores data. This page summarises the controls; the Trust Center holds the full detail including penetration testing results.

Core principles

Encrypted everywhere

Data encrypted at rest and in transit (HTTPS / 443).

Outbound only

DMC uploads outbound; no inbound firewall rules required.

Controlled identity

Access via Azure AD / AD B2B; least-privilege service principals.

Isolation

Dedicated, logically isolated customer instances.

Certifications & standards

  • ISO 27001 certified
  • GDPR aligned for privacy and personal-data protection
  • No persistent credentials stored on-premises (DMC uses ephemeral, short-lived tokens)

Credential handling

How DMC manages and protects the credentials used during scanning is documented under Security Credential Management.

For comprehensive security information (controls, architecture documentation, and test results), visit the Trust Center.

© 2025 Altra Technologies