Security
Security and trust are top priorities
At SquaredUp, we maintain high standards of data privacy and security. Read the below to learn about our data security policies, how we store your data and more. Please contact SquaredUp Support
Learn more in this SQUPCAST episode featuring a security chat with the SquaredUp CTO:
Data Security
- Data both at rest and in transit is encrypted:
- Data at rest is encrypted using industry-standard AES-256 algorithms.
- Data in-transit is encrypted using HTTPS (TLS 1.2 and higher is negotiated).
ISO 27001:2013 Framework
SquaredUp is proud to be ISO 27001:2013 certified. Data security is managed in accordance with the ISO 27001:2013 framework. Certification to this standard demonstrates our commitment to the management of security. ISO 27001 is a security management standard that specifies security management best practices, and it's implementation demands a rigorous security program including an Information Security Management System (ISMS).
CSA STAR Registry
SquaredUp is proud to be listed in the Cloud Security Alliance (CSA) STAR Registry. This achievement underscores our dedication to maintaining the highest standards of security and transparency. To view our listing and learn more about our security practices, please visit our CSA STAR Registry listing.
Data Stored
- User email addresses and, if using email/password sign-in, user passwords are stored to provide sign-in functionality. Note that SquaredUp user passwords (where using email/password sign-in) are not retrievable or recoverable, even by SquaredUp, therefore lost/forgotton passwords will need to be reset.
- Configuration data such as organization, workspace, and dashboard names and their configuration.
- Map data indexed via data sources - the exact properties stored varies by data source but is typically the names and types of objects such as hosts, repositories, pipelines, databases, functions, containers, and so on, along with the relevant metadata and the relationships between them. This data is indexed to know where to find it so that data about these objects can be read on-demand when a dashboard is displayed.
- Map data computed by SquaredUp, such as the state of monitors and the derived correlations between objects.
- Data is stored geographically, see Architecture
- Note that API keys (if used for API access) are not stored in their entirety. Only the last 4 characters are stored for display purposes, along with a SHA-256 hash of the API key to authenticate an application accessing the API.
Backup
A big benefit of the Map is that it acts like a cache that indexes data sources, so that data can be quickly and easily loaded away and recreated whenever needed.
On top of this, as an added layer of extra security, SquaredUp performs daily backups of this data regardless. Similarly, AWS S3 blobs are also double-protected with a daily backup.
Additionally, the configuration database is backed up continuously, on every change, giving true point-in-time recovery.
Encryption
- Encryption in transit: Encryption occurs entirely over HTTPS.
- Encryption at rest: All data from the Map and configuration database is encrypted above and beyond what is necessary. For example, passwords and API keys entered when configuring a data source are double encrypted – once as soon as you enter / save them and again when stored in Dynamo.
Single Sign On
SquaredUp provides a variety of single sign on (SSO) options for logging into the application.
Policies
Bug Disclosure Process
We regularly and periodically engage with third party accredited vendors to perform external security testing of our infrastructure and offerings.
We take security seriously, and we're interested to hear any comments or reports about our products or websites.
If you believe you've found something of interest, please contact us at [email protected]
You can (optionally) encrypt your communications with our PGP public key