Access to those systems is always in a secure environment, and we require certification of the environment in which access will be provided. We have to be in effectively a SCIF situation to receive access to a database.
On October 25th, 2016. See this statement in context.