We go above and beyond industry security requirements to ensure that your data is secure.
Skyflow's team, processes and technologies use a three-pronged approach to protect customer data:
We follow established security patterns for hardening, encryption, authentication and authorization. Our security team performs regular risk-based threat analysis during development cycles to continually re-evaluate and refine our security posture. To ensure additional security of our platform, we regularly conduct the following security checks:
As it relates to policy, we employ the principle of least privilege — engineers are only granted the authorization required to perform their job functions. The following details the type of access we have internally to customer’s data:
Skyflow’s platform has detailed audit logging to track all security-sensitive events on a centralized log server for analysis and alerts. To maintain constant operational security of the platform, we conduct the following maintenance:
The Skyflow platform architecture sets up an independent network security zone at the Workspace and Vault level to protect data from each customer so access rules are fully customizable and hardened to each environment. Additionally, the network and data segmentation also limits the potential impact from any individual system failures.
All storage media used in production are enabled with encryption. Further, the Skyflow application, per configuration, performs application encryption to protection-marked data sets using encryption keys managed by the Skyflow systems.
All inter-system communications within Skyflow are encrypted and routed through private channels only and do not enter the public internet. All ingress and egress communications are controlled by network security and are periodically reviewed and approved by the security team.
Skyflow infrastructure employs multiple levels of system recovery and data recovery scheme, including as the following:
We have implemented Multi-Factor Authentication-based Single Sign-On for infrastructure system access. System management tools have built-in support for Skyflow’s SSO system. Exceptions require the implementation of strong passwords to minimize the risk of credential theft or brute force attacks.
For security operations, Skyflow covers a number of areas detailed below:
Our platform environment and team adhere to the following standards:
We maintain a high level of organizational and employee compliance and security standards with role-based mandatory training. They ensure that we stay up to date with responsibilities and guidelines for handling security, system and any data. These efforts include: