The entire System team is focused on keeping your data safe. We adhere to industry-leading standards to manage our network, secure our application, and set policies across our organization.
System does not store your team’s datasets, models or raw data, only our metadata calculations related to these assets.
- Python/R: System Python and R packages extract only metadata about your models from within your data science environments.
- Data Integrations: System integrations extract only metadata about the tables and views you specify. You can manage this list, and the larger integration from your integration console.
Communication and encryption
- All connections to System are encrypted by default, in both directions using modern ciphers and cryptographic systems.
- We encrypt in transit utilizing TLS 1.2.
- Any attempt to connect over HTTP is redirected to HTTPS.
- We use HSTS to ensure browsers interact with System Cloud only over HTTPS.
- We utilize AES-256 for all data encrypted at rest.
- System shares data between internal systems through secure gRPC channels using TLS and token based authentication.
System regularly installs the latest, secure versions of all underlying software. (Also see our Terms of Service and Data Processing Addendum.)
- PCI: Before granting System access to data subject to PCI requirements, please contact support at firstname.lastname@example.org.
- HIPAA: Before granting System access to data subject to HIPAA requirements, please contact support at email@example.com.
Availability, Business Continuity, and Disaster Recovery
- System is hosted in AWS, with availability in multiple AZ’s (availability zones) in a region.
- Our retention of backups are a minimum of seven (7) days.
- Our staff is remotely distributed across the US providing support to customers globally. Our distributed workforce allows us to provide support virtually from anywhere and reduce the impact of support interruption in a geographic location.
- System’s data centers are hosted using Amazon Web Services, where they are protected by electronic security, intrusion detection systems, and 24/7/365 human staff.
- System uses actively maintained, long-term-supported operating systems that are kept up to date with the latest security patches.
- System uses a dedicated firewall and private network to prevent unauthorized network access.
- We limit access to sensitive data to a few senior employees.
- All System employees complete Security Training during onboarding.
- We review new features for security impact before release.
- Limit System’s access to your warehouse to strictly the datasets processed by System.
- Restrict access to extremely sensitive data such as credit card numbers or PHI. Consider removing these data points from your warehouse entirely.
- Use SSL or SSH encryption to protect your data and credentials while in transit. Choose strong passwords for your database users.
Research and Disclosure
System is committed to working with security experts across the world to stay up to date with the latest security techniques. If you believe you have found a security vulnerability in System, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem.
If you believe you have discovered a problem or have any questions, please contact us at firstname.lastname@example.org.