Security & Compliance
Technical and compliance background for security teams, IT administrators, and compliance officers evaluating GetCurrent.
Enterprise-grade security by design
GetCurrent is built on Microsoft's Zero Trust and Least Privilege principles. The application only reads data you explicitly grant access to through an admin consent flow: no data is written, and no users are tracked beyond what is needed for the service.
Zero Trust
Tenant-scoped and administrative API calls are authenticated via Microsoft Entra ID. Public feed endpoints serve read-only content without credentials. No hardcoded secrets are used.
Least Privilege
Only the minimum required Microsoft Graph API permissions are requested: read-only access to Message Center data.
Minimal Storage
GetCurrent stores only the minimum data needed to operate: email address, tenant ID, domain, and cached update content. No unnecessary tenant configuration is retained.
Full Control
You decide when consent is granted and revoked. Offboarding immediately removes all tenant-linked data.
Summary
- Authentication exclusively via Microsoft Entra ID; no passwords stored in GetCurrent
- No service accounts or application-only permissions; all actions on behalf of the signed-in user
- Only tenant ID and domain are stored; no user profiles, no M365 configuration data
- All Azure resources run in the West Europe region (EU-hosted)
- Inbound traffic via Azure App Service with TLS 1.2+ enforced
- Secrets managed in Azure Key Vault, exposed at runtime via app settings (Key Vault references); never hardcoded
- CSRF protection on all mutating API endpoints
- Rate limiting on all public API routes
- Content Security Policy headers on every page
Reference Architecture
GetCurrent runs entirely on Microsoft Azure in the West Europe region. All components are fully managed cloud services; no on-premises infrastructure is required.
[Architecture diagram. Labels: Authentication layer, EU-hosted, Delegated access, Serverless, from public feeds]
Security controls
- TLS 1.2+ required on all endpoints
- HTTPS-only; HTTP traffic is automatically redirected
- CORS restricted to the application's own domains
- Secrets stored in a managed vault, accessed via Managed Identity
- Database access via Managed Identity where available
- Application monitoring and alerting enabled
Authentication & Authorisation
GetCurrent uses Microsoft Entra ID for all authentication. There are no local passwords, no local user databases, and no service accounts with persistent permissions.
Sign-in flow
- User clicks Sign In and is redirected to Microsoft Entra ID (CIAM)
- Microsoft handles authentication; GetCurrent receives a delegated access token
- App Service Easy Auth validates the token on every request
- GetCurrent reads the user-principal header, never the raw token
- Session expires automatically; refresh handled by Entra ID without re-login
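An added example (not GetCurrent's code) of the header-based pattern in the sign-in flow above. It assumes the header in question is App Service's X-MS-CLIENT-PRINCIPAL, a Base64-encoded JSON document with a claims array; the function names, tenant ID and sample principal are constructed for illustration.

```python
import base64
import json

# Claim types under which the Entra tenant ID can appear in the principal.
TENANT_CLAIMS = ("http://schemas.microsoft.com/identity/claims/tenantid", "tid")

# Constructed sample principal (hypothetical tenant ID), encoded as Base64 JSON.
SAMPLE_TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_HEADER = base64.b64encode(json.dumps({
    "auth_typ": "aad",
    "claims": [{"typ": TENANT_CLAIMS[0], "val": SAMPLE_TENANT},
               {"typ": "name", "val": "Constructed User"}],
}).encode()).decode()


def parse_client_principal(header_value):
    """Decode the Base64 JSON principal into {claim type: value}; ValueError if malformed."""
    try:
        doc = json.loads(base64.b64decode(header_value, validate=True))
        return {c["typ"]: c["val"] for c in doc["claims"]}
    except (ValueError, KeyError, TypeError) as exc:
        raise ValueError("malformed client principal") from exc


def tenant_for_request(headers):
    """Tenant ID from the platform-set header, or None (fail closed) if absent or malformed."""
    value = headers.get("X-MS-CLIENT-PRINCIPAL")  # real frameworks match header names case-insensitively
    if not value:
        return None
    try:
        claims = parse_client_principal(value)
    except ValueError:
        return None
    return next((claims[t] for t in TENANT_CLAIMS
                 if isinstance(claims.get(t), str) and claims[t]), None)


def may_read_tenant(headers, requested_tenant_id):
    """Tenant scoping: callers only reach data for the tenant named in their own principal."""
    tenant = tenant_for_request(headers)
    return tenant is not None and tenant.lower() == requested_tenant_id.lower()
```

The header is only meaningful when the app is reachable solely through App Service with authentication enabled, since the platform is what sets it.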
Tenant onboarding (admin consent)
- A Global Administrator or Privileged Role Administrator grants admin consent for the GetCurrent Entra app registration
- After consent, Message Center messages for that tenant are fetched via Microsoft Graph
- Consent can be revoked at any time in Entra ID > Enterprise Applications
- After revocation, GetCurrent immediately stops fetching data for that tenant
No service accounts
- No application-only (app-role) Graph permissions; everything is delegated
- No shared service accounts in the customer tenant
- No refresh tokens stored outside the Entra session
- Scraper functions use GetCurrent's own Entra app for Graph calls, never customer tenant credentials
Multi-Factor Authentication
- MFA is enforced by the customer tenant via their own Conditional Access policies
- GetCurrent honours all claims in the Entra token
- CIAM guest accounts support MFA via Entra External ID
Microsoft Graph API Permissions
GetCurrent requests minimal, delegated permissions only. No write permissions, no access to mailboxes or user profiles.
| Permission | Type | Purpose | Admin consent |
|---|---|---|---|
| ServiceMessage.Read.All | Delegated | Read Message Center posts for the tenant | Required |
| openid | Delegated | Basic sign-in (OpenID Connect) | No |
| profile | Delegated | Display name for the signed-in user | No |
| email | Delegated | Email address for account identification | No |
| offline_access | Delegated | Background sync without re-authentication | No |
ServiceMessage.Read.All requires admin consent. All other permissions are standard OIDC scopes. No write permissions are ever requested.
What GetCurrent cannot do
- Read or send emails on behalf of users
- Access SharePoint, Teams, or OneDrive content
- Read or modify user profiles, groups, or directory objects
- Create or modify any configuration in the tenant
- Act without a signed-in user (no app-only / background Graph access)
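A check a tenant administrator could run against the permission list above, added here as an example and not taken from GetCurrent. It compares what was actually consented for the app's service principal with the documented delegated scopes. The input mirrors the `scope`, `consentType` and `appRoleId` fields Microsoft Graph returns for a service principal's oauth2PermissionGrants and appRoleAssignments; the sample records and the write-marker heuristic are constructed.

```python
import json

# Delegated scopes listed in GetCurrent's permission table.
DOCUMENTED_SCOPES = {"ServiceMessage.Read.All", "openid", "profile", "email", "offline_access"}
# Heuristic substrings marking a Graph scope as able to change data (assumption).
WRITE_MARKERS = ("write", "send", "manage", "fullcontrol")

# Constructed sample in the shape Graph returns for
# /servicePrincipals/{id}/oauth2PermissionGrants and /appRoleAssignments.
SAMPLE_GRANTS = json.loads("""[
  {"consentType": "AllPrincipals",
   "scope": " ServiceMessage.Read.All openid profile email offline_access"},
  {"consentType": "Principal", "scope": "Mail.Send User.Read"}
]""")
SAMPLE_APP_ROLES = json.loads('[{"appRoleId": "00000000-0000-0000-0000-0000000000aa"}]')


def audit_grants(permission_grants, app_role_assignments):
    """Return findings for anything consented beyond the documented delegated scopes."""
    findings = []
    for grant in permission_grants:
        # The scope property is one space-separated string, sometimes with a leading space.
        granted = set((grant.get("scope") or "").split())
        for scope in sorted(granted - DOCUMENTED_SCOPES):
            writes = any(marker in scope.lower() for marker in WRITE_MARKERS)
            kind = "write-capable" if writes else "undocumented"
            findings.append(
                f"{kind} delegated scope {scope} (consentType={grant.get('consentType')})")
    # The page states no application-only permissions exist, so any assignment is a finding.
    for assignment in app_role_assignments:
        findings.append(
            f"application permission assigned: appRoleId={assignment.get('appRoleId')}")
    return findings


if __name__ == "__main__":
    for line in audit_grants(SAMPLE_GRANTS, SAMPLE_APP_ROLES):
        print(line)
```

An empty result means the consented permissions match the table; re-running it after each consent change catches scope creep.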
Data & Privacy
GetCurrent stores the absolute minimum required to deliver the service. It is designed as a read-only lens on Microsoft's update feeds, not a data platform.
| Data | Stored? | Purpose | Retention |
|---|---|---|---|
| Tenant ID & domain | Yes | Link user to tenant for Message Center access | Until offboarding |
| Email address | Yes | Account identification | Until account deletion |
| Bookmarks & saved items | Yes | Personalisation feature | Until deleted by user |
| Message Center content | Yes (cached) | Powers the Message Center view | Refreshed on each sync |
| User profile / photo | No | - | - |
| Passwords or tokens | No | - | - |
| Browsing behaviour | No | - | - |
| Tenant M365 configuration | No | - | - |
GDPR / AVG
- All data is stored in Azure West Europe; no data leaves the EU
- SecMinds acts as data processor; your organisation remains data controller
- Data subject requests (access, deletion) can be submitted via our contact page
- Offboarding removes all tenant-linked personal data within 30 days
Sub-processors
- Microsoft Azure (West Europe): hosting, database, functions, Key Vault
- Microsoft Graph API: source of Message Center data
- Microsoft Entra ID: identity provider
- Google Analytics (GA4): anonymous usage analytics with IP anonymisation enabled
- Microsoft Clarity: anonymous session replay and heatmaps for UX improvement
Analytics & Cookies
- Google Analytics collects anonymous page views and navigation patterns; no personally identifiable information is stored
- Microsoft Clarity records anonymised session replays and heatmaps to improve user experience
- Both services use first-party cookies; IP anonymisation is enabled for Google Analytics
- Analytics is only active on the production environment (updates.getcurrent.cloud)
- Analytics cookies are only loaded after you give explicit consent via the cookie banner
- You can change your cookie preferences at any time via the "Cookie Settings" link in the footer