Security | Marquis Data

Platform How It Works Data Quality & Mastering IQ Insights Connected Analytics Security Why Marquis?

Solutions Finance Inventory Operations Pricing Sales Procurement Private Equity

ERP Integrations Microsoft Dynamics Epicor Sage SAP Acumatica NetSuite Infor Salesforce CRM All Other ERP Platforms

Resources Customer Stories Webinars Point of View

Company Leadership Contact Us

Cloud Infrastructure

Marquis operates entirely within Microsoft Azure. We do not maintain physical servers, on-premises infrastructure, or private data centers. All client data is stored and processed within Azure-managed services, benefiting from enterprise-grade availability, redundancy, and built-in platform security controls.

Identity & Access Management

Access to Marquis systems is managed through Microsoft Entra, Microsoft's enterprise identity platform. Multi-factor authentication is required for all Marquis-managed accounts. Access is provisioned on a minimum-necessary basis and requires explicit authorization before any user or service account is granted access to a client environment.

Data Protection

All client data is treated as confidential and proprietary regardless of content type. Data is encrypted in transit and at rest. We apply data minimization principles, avoiding ingestion of information beyond what analytics delivery requires. At the conclusion of a client engagement, all associated data and artifacts are destroyed.

Secure Development

Application code, data pipelines, and automation scripts are developed and maintained with security controls in place. Credentials and secrets are never embedded in code or stored in insecure locations. Changes to production systems follow a documented review and change management process. The Marquis IQ application undergoes independent third-party security scanning with a defined internal remediation workflow.

Monitoring & Detection

Marquis maintains logging and monitoring across cloud services, application components, identities, and endpoints. We leverage Azure-native monitoring capabilities alongside third-party scanning for the Marquis IQ application. All personnel are expected to report security concerns promptly, and a defined escalation path is in place for security events.

Program Framework

Aligned to NIST Cybersecurity Framework 2.0

Our security program is structured around NIST CSF 2.0, a risk-based framework widely recognized across industries. We use it to organize our controls, identify gaps, track remediation, and communicate our security posture consistently to clients and stakeholders. The program is maintained and reviewed by leadership on a documented schedule.

Govern: oversight, roles, policy, and risk management

Identify: asset inventory, data flows, and risk assessment

Protect: access controls, data handling, and secure development

Detect: monitoring, alerting, and vulnerability management

Respond: incident response and client notification

Recover: restoration, validation, and post-incident review

Data Lifecycle

Protected from the moment we connect. Deleted when we're done.

Every client engagement follows a consistent data lifecycle. Access is scoped to what analytics delivery requires, data is stored only in approved Azure environments, and when a contract concludes, all client data and associated artifacts are permanently destroyed. Not archived, not anonymized. Deleted.

We seek to minimize data ingestion wherever practical. If a field is not needed to produce the analytics output, we prefer not to ingest it.

Scoped ingestion

Read-only connectors pull only the data required for analytics. Dedicated service accounts are established per client.

Encrypted storage

Data lands in Azure SQL with encryption at rest. Stored and processed only in approved Marquis-managed environments.

Access-controlled delivery

Reporting access is provisioned per authorized user. Client approvers control who in their organization can access data.

Secure offboarding

At contract conclusion, all databases, storage, and associated artifacts are destroyed. No data is retained beyond contractual need.

Your data is handled with the same care you'd give it yourself.

Aligned to NIST Cybersecurity Framework 2.0

Protected from the moment we connect. Deleted when we're done.

Security review or vendor questionnaire?