Security

LayerPulse is built to run on top of your existing Microsoft estate without adding risk. Here is how we secure your data and your connection.

1. Authentication and access

The connection to your Fabric and Power BI estate is read-only, made through an Azure Service Principal with the minimum permissions needed to read. We never store passwords, and we cannot change anything in your estate. Access to LayerPulse itself runs through a secure authentication provider.

2. Infrastructure

We host within the European Union (Microsoft Azure and Vercel). Traffic is encrypted with TLS, and stored data is encrypted at rest (AES-256). We follow the security standards of our infrastructure partners.

3. Tenant isolation

Every organization is strictly separated: data is walled off per organization and is never accessible to another customer. Your report data stays in your own tenant.

4. Microsoft APIs

We use only the official Microsoft Fabric and Power BI APIs, with the minimum read-only permissions required.

5. Monitoring and backups

We monitor the service for errors and anomalies and run automated backups of our database, so your data stays recoverable.

6. Responsible disclosure

Think you have found a vulnerability? Report it responsibly to info@qaas.nl and we will act on it as quickly as possible.

7. Incident response

If a security incident puts your data at risk, we will notify you within 72 hours, in line with the GDPR.

8. Compliance

We process data in line with the GDPR. A data processing agreement is available on request; see also our GDPR page.