Secure technology. Responsible practices. Trusted partnership.
We protect the information your organisation relies on every day — financial, operational, planning. Our approach combines secure technology, responsible data practices, and trusted Microsoft Azure infrastructure, so you can work with confidence.
Security is not an afterthought.
Security is built into the design of the IDU platform, our hosting environments, and the way our teams operate. Whether deployed on-premise, within your preferred hosted environment, or through the IDU Cloud powered by Microsoft Azure, our solutions are designed to maintain the confidentiality, integrity, and protection of your information.
The same governance, the same controls, and the same operational discipline apply across every deployment model — what changes is who runs the infrastructure, not how seriously security is taken.
Security is embedded into the way we develop, host and support our solutions.
Protecting your information at every layer.
Data protection
Sensitive data is protected with 256-bit encryption at rest and encrypted HTTPS transmission in transit. Databases are password-protected with configurable policies, and daily backups run with managed retention. We continually review and strengthen these measures as technologies and risks evolve.
Cloud infrastructure
IDU Cloud is hosted within Microsoft Azure, with firewalls and threat-protection technologies, controlled administrative access, secure backup and recovery, and ongoing monitoring. Where applicable, hosting can be provisioned within Azure regions to support local data-residency requirements.
Access & authentication
Role-based access controls keep users to the data their role requires. SSO and Active Directory integration, multi-factor authentication for managed environments, restricted administrative access, and configurable user-level permissions support governance across teams and departments.
Strong security needs more than technology.
Strong security depends on responsible governance, ethical conduct, and accountability — not just controls. IDU is committed to handling customer information responsibly and in alignment with recognised best practices and applicable privacy legislation, including South Africa’s Protection of Personal Information Act (POPIA).
Internally, that translates into responsible use of data and technology, confidential handling of customer information, controlled access procedures for our own people, and a standard of ethical conduct that runs through every customer engagement.
Organisations need more than software — they need confidence in the people, processes, and technology behind it. As technologies evolve and security challenges continue to change, we remain committed to continually strengthening and improving the way we protect customer information.
Trust is built through transparency, responsibility and consistent operational standards.
FAQs about security.
How is capex planning secured and governed?
Access is role-based and configurable. Users can be restricted to specific cost centres or functions, while all changes and approvals are tracked within a controlled and auditable environment.
How is sensitive salary information secured?
Access to workforce data is controlled at a detailed level. For example, a cost centre manager can be given access to plan and submit headcount without visibility of individual salary details, or may only be able to add new positions without seeing existing remuneration. Access rights are fully configurable to match organisational policies.
How is system access controlled?
IDU uses role-based access to ensure users only see the data relevant to their responsibilities. Administrative access is restricted and controlled, providing an additional layer of governance.
How is workforce data protected?
Data is securely stored and encrypted within the database, ensuring sensitive payroll and employee information is protected.
How is access controlled?
Access is role-based and configurable. Project owners can manage their projects while finance maintains visibility and governance across the portfolio.
Who is responsible for security?
For on-premise and private cloud deployments, your IT team or hosting provider manages infrastructure security. For IDU Cloud, infrastructure security is managed within the Azure environment, with application-level security managed within IDU.
What does the IDU audit trail cover, and is it enterprise-grade?
Every change — budget submission, forecast revision, scenario adoption, late adjustment — is timestamped, attributed, and preserved. Role-based access scopes who can see and change what. Encrypted at rest and in transit, hosted on Microsoft Azure, with POPIA-aligned data practices. Listed companies and regulated financial-services groups run their council-grade planning and reporting on IDU today.
What does the IDU audit trail cover, and is it auditor-grade?
Every change — budget submission, forecast revision, scenario adoption, late adjustment — is timestamped, attributed, and preserved. Role-based access scopes who can see and change what. Encrypted at rest and in transit, hosted on Microsoft Azure, with POPIA-aligned data practices. Listed companies and regulated financial-services groups run their council-grade audits on IDU today.
Work with confidence.
Talk to our team about hosting environments, our security approach, or deployment options that fit your organisation.