Security at Citus Data

We know your database is the center of your operations — at Citus Data we put security first. As a guideline we follow SANS 20 Critical Information Security Controls. You can read more on specific steps we take to keep you and your data safe below.

System Security

• Hardened system installation
• Access to all key control systems and hardware requires two-factor authentication
• Security vulnerabilities are reviewed on a regular basis and assessed and responded to according to their threat level

Operational Security

• Systems access logged and tracked for auditing purposes
• Secure document-destruction policies for all sensitive information
• Fully documented change-management procedures

Database Security

• All access to Citus Cloud instances both in transit and at rest is encrypted
  • Access to Citus Cloud instances requires TLS
  • Backups are encrypted at rest and in transit
• Passwords are randomly generated secure tokens
• Monitoring passwords are rotated on a regular basis
• Two-Factor Authentication is required after 30 days for databases that are production plans

Employee Access

No Citus employees ever access your database without explicit consent for support purposes. Only when helping to you troubleshoot issues and analyze your database, with your explicit consent will an employee connect to your database.

Credit Card Safety

We do not see any of your credit card or bank information directly in our systems. We use Stripe to handle your card data and do not directly act with any of your financial information.

Contact Us

Have any questions or thoughts about security at Citus Data?
Contact Us