Security and data protection
The Sennheiser DeviceHub platform uses security-by-design principles, Azure-hosted identity and encryption controls, and GDPR-aligned data handling to protect user information and AV infrastructure across global regions.
The Sennheiser DeviceHub platform is built following security-by-design principles to ensure the confidentiality, integrity, and availability of your AV infrastructure. Hosted on Microsoft Azure, it leverages enterprise-grade identity controls, encrypted communications, and compliance frameworks to protect user data and device interactions.
Security features
- Cloud infrastructure: resilient and scalable Microsoft Azure environment
- Identity management:
- Microsoft Entra with strong password enforcement, account lockout, and secure authentication
- Single sign-on (SSO)
- Multi-factor authentication (MFA)
- Device security: secure device enrollment and encrypted communication
- Data protection:
- Encryption in transit via HTTPS and TLS 1.2+
- Encryption at rest within databases using industry-standard algorithms
- Monitoring and incident response
- Continuous cloud security monitoring
- Dedicated incident response team with a documented response plan
- Compliance
- Compliant with GDPR and with NIS2 when it comes into force in Germany in 2026
- Cyber Resilience Act (CRA) compliance when it comes into force in 2027
- Information security policy aligned with best practices
What data is processed and where we store the data
- User email address
- User first and last names
- Data storage: using Microsoft Azure services and storing the data on EU data servers
- Organization name
- Location names
- Device configuration
- Data storage: using Microsoft Azure services and storing the data in all three regions for redundancy and availability: AMER, EMEA, APAC
All private data processing is done in compliance with GDPR. For more information, please see the Sennheiser DeviceHub Privacy Policy.