Data Privacy and Security
- Updated On 17 Jul 2023
Dataloop prioritizes the protection of our customers' data and maintains a strong commitment to data privacy and security. This documentation provides an overview of our capabilities in supporting key aspects of data privacy and security.
Data Breach Notification
Data breach incidents can pose significant risks to organizations and their customers. Dataloop has implemented robust measures to promptly notify our customers in the event of a data breach. This enables them to take the necessary steps to safeguard their information and mitigate potential risks. Our data breach notification capability aligns with ISO 27001 requirements and is based on the NIST framework, ensuring a proactive approach to addressing security incidents.
Dataloop places great emphasis on the significance of data classification in implementing effective security measures. Understanding the sensitivity and importance of different data types, we employ data classification to categorize and prioritize security controls accordingly. By implementing industry best practices and compliance requirements, we ensure that each data category receives the appropriate level of protection. Our data classification approach allows us to apply targeted security measures, reducing the risk of unauthorized access or misuse and ensuring that confidential information remains safeguarded throughout our systems.
Role-Based Access Control (RBAC)
To enhance data security, Role-Based Access Control is integrated into our systems. RBAC restricts access to resources based on the roles assigned to users or groups within our organization. This approach ensures that only authorized personnel can access sensitive information, minimizing the potential for unauthorized access, data breaches, or misuse. Our RBAC implementation supports seamless cross-integration with platforms such as AWS Cross-Account, GCP Cross-Project, and Azure Cross-Tenant, enabling efficient management of access controls across multiple accounts.
Principle of Least Privilege
Dataloop strictly adheres to the principle of Least Privilege to enhance data privacy and security. Within the system, we ensure that employees and stakeholders are granted only the necessary permissions, and we minimize the risk of unauthorized access. Additionally, for our customers, our Role-Based Access Control (RBAC) implementation guarantees that each user has specific permissions tailored to their responsibilities. By following the principle of Least Privilege, Dataloop prioritizes data protection, reduces the risk of unauthorized access, and upholds the highest standards of data privacy and security.
As a premium feature, Dataloop offers Two-Factor Authentication (2FA). This additional layer of security enhances access controls and safeguards customer accounts. An intuitive user onboarding process educates users about the importance of 2FA and offers seamless integration with various authentication methods, such as SMS, voice, or authentication apps.
Dataloop prioritizes data encryption to safeguard sensitive information. Our commitment to data security means that customer data is encrypted both in transit and at rest using robust encryption protocols. With AES-256 encryption, your data remains protected and confidential, including backups. When data is transmitted, Dataloop enforces a minimum of TLS v1.2 to ensure secure communication. Through these comprehensive encryption measures, Dataloop maintains the highest standards of data protection, integrity, and confidentiality.
Logging and Monitoring
Dataloop meticulously monitors and tracks all system resources and actions that occur within the platform. This includes monitoring user activity, system events, network traffic, and other critical indicators. By closely monitoring these logs, we can quickly identify and respond to security incidents, ensuring the ongoing protection of customer data.
Dataloop generates security reports upon customer request. These reports provide valuable insights into security-related events and demonstrate our commitment to transparency. Customers can reach out to their account manager to request these reports, which are generated every quarter by our trusted external vendor.
As part of our commitment to maintaining a secure environment, Dataloop regularly performs Vulnerability Tests. These tests help identify potential vulnerabilities and weaknesses in our systems and applications. These tests are conducted in compliance with SOC 2 requirements to ensure the ongoing security of our platform.
Dataloop understands the critical importance of having a robust Disaster Recovery plan in place. To safeguard our operations and customer data, we have implemented a comprehensive Disaster Recovery plan that adheres to SOC 2 compliance standards. This plan includes measures to ensure the timely restoration of services in the event of a major disruption or disaster.
Backup Service Policy
Data backup is a fundamental aspect of our data privacy and security practices. Dataloop performs regular backups for all our services once a day. These backups are securely held in the cloud, ensuring the availability and integrity of your data. Additionally, each service within our platform has a system backup mechanism in place. We comply with SOC 2 requirements to protect your data and mitigate potential risks.
SSO (Single Sign-On)
At Dataloop, we understand the importance of seamless and secure user authentication. Our implementation of Single Sign-On (SSO) allows users to sign in once using a single set of credentials, granting them access to multiple applications and systems without the need to re-enter their credentials for each application. With SSO, we enhance user convenience and productivity while maintaining strong security measures.
HTTPS and TLS
At Dataloop, we prioritize the security of data transfer by exclusively using HTTPS encryption. This ensures that user information, including login credentials, passwords, and storage access keys, remains protected. We maintain a strong security culture by offering a bug bounty program, incentivizing individuals to report security exploits and vulnerabilities. Our cutting-edge firewalls and communication protocols, combined with SSL/TLS encryption for external communications, provide robust protection. Additionally, when communicating with third-party services outside our cluster, we employ VPC tunneling to reinforce the security of data transmission. Rest assured that your data is safeguarded throughout its journey.
Authentication and Authorization
At Dataloop, we prioritize robust authentication and role permission enforcement. Leveraging Auth0, an industry-leading identity management platform, our authentication and authorization system ensures secure access to your data. By implementing strict access controls, we provide organizations with granular control over user permissions and data access. Our advanced infrastructure supports custom authentication and role-based access control for on-premises or private storage deployments. With a focus on secure authentication and authorization mechanisms, we enable organizations to manage user access effectively and protect sensitive information.