Compliance

DataRow

AWS Cloud Provider

  • ISO-9001
  • ISO-27001
  • ISO-27017
  • ISO-27018
  • SOC-1
  • SOC-2
  • SOC-3

Product Security Features

Authentication

 

  • Strong Password, Password Expiration, and Password History policies
  • Captcha protection for password authentication
  • Ability to revoke all sessions or reset all user passwords

Logging

 

  • Persistent Alert, Incident, and Team Logs for regulatory compliance
  • Searchable Logs Page containing all activities

Access control

 

  • Team-based & user-based integrations only allow access to team-based/user-based resources
  • User & team member role support
  • Custom role support for fine-grained access of control policies
  • Integration access control policies & API key regenerate support

Security for your systems

 

  • Static IPs available for whitelisting DataRow traffic to your systems, webhook & other integrations
  • Marid as a pub-sub DataRow event listener, requires no incoming traffic permissions

Organization Security

  • Strict controls for DataRow employees’ access to customer data
  • Information security training and awareness program
  • Security embedded to Software Development Life Cycle
  • Centralized Endpoint protection
  • Incident management policies & procedures implemented for security breaches
  • Policies & procedures implemented based on ISO 27001 Information Security
  • Shared responsibility model within the organization
  • Each product engineering team focuses on the security of features they crafted
  • Cross functional team focuses on the application infrastructure security
  • Security & Reliability engineering team focuses on Cloud Infrastructure security
  • Chief Security & Reliability officer focuses on all aspects of security
  • Director of Security focuses on policies & compliances across company
  • All management members and directors share security responsibility on their teams

Platform Security

  • Shared responsibility model with AWS as Cloud Provider
  • Encryption in transit TLS 1.2 and at rest AES-256
  • Passwords are stored with strong one-way encryption, Bcrypt with salt & pepper
  • Stripe for Credit Card Processing, Stripe certified to PCI Service Provider Level 1
  • Always available on multiple regions and availability zones
  • Dedicated multi-tenant data protection layer
  • Multiple levels of firewalls, policy layers for network and data protection
  • DDOS protection, 7/24 DDOS support by AWS
  • Excessive logging and monitoring for vulnerabilities and intrusion detection
  • Automated configuration assessment
  • Changes and deployments are automated and reviewed
  • Penetration testing & 3rd Party Pentest

Whitepaper: Security at DataRow

Whitepaper: DataRow Key Management Service

Learn more about how we ensure the security of your data at DataRow.

Download the Security whitepaper

Learn more about how we ensure the security of your data at DataRow.

Download the Key Management Service whitepaper

Ready to use DataRow?

Get started with a free trial for your business.

REQUEST ACCESS
DataRow

DataRow