Security of your data is our top priority
All data that we source from your services is stored on our side with 256-bit AES encryption. With over 90% of the services we integrate with, this is a stronger encryption than the source we get it from, with the other 10% matching this encryption level. Representations of this raw data are stored in text to allow us to allow you to search, however are managed behind multiple layers of firewalls and proxies and are only authenticated via a set of unique keys.
Security Priority Guarantee
CluedIn only surfaces and stores a representation of your data, it does not store the original version. Hence, on detection of intrusion that we deem destructive, we will temporarily wipe your CluedIn data from our servers. Once the intrusion is subsided, we will re-gather your data to get CluedIn back to its original state for your organization. In this time, the service will be unavailable for you. This gives you the guarantee that we will prioritize the security of your data over the service level agreement.
High Data Availability Service Level Agreement
We take automatic daily database backups and we keep them for 30 days. For the enterprise option, there is also the possibility to increase this frequency and length of archive. All our systems are built on redundant, fault tolerant stacks and we maintain backups for all subsystems. We have round the clock monitoring systems to make sure that your service is untainted as much as possible. We follow industry standard practices in infrastructure redundancy.
In addition to user accounts authenticated via username and password, CluedIn also supports the use of Single Sign-on and Identity Frameworks. Every single request that is made to the CluedIn application is done with encrypted Access Tokens that have no correlation with a user’s identity or credentials. All user passwords are stored in the database only after being passed through a one-way hash-and-salt technique (a standard practice for high security).
Our servers are with Amazon AWS and are hosted within the US. AWS infrastructure is housed in Amazon-controlled data centers. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers. The data centers themselves are secured with a variety of physical controls to prevent unauthorized access.