We know your database is the center of your operations — at Citus Data we put security first. As a guideline we follow SANS 20 Critical Information Security Controls. You can read more on specific steps we take to keep you and your data safe below.
- Hardened system installation
- Access to all key control systems and hardware requires two-factor authentication
- Security vulnerabilities are reviewed on a regular basis and assessed and responded to according to their threat level
- Systems access logged and tracked for auditing purposes
- Secure document-destruction policies for all sensitive information
- Fully documented change-management procedures
All access to Citus Cloud instances both in transit and at rest is encrypted
- Access to Citus Cloud instances requires TLS
- Backups are encrypted at rest and in transit
- Passwords are randomly generated secure tokens
- Monitoring passwords are rotated on a regular basis
- Two-Factor Authentication is required after 30 days for databases that are production plans
No Citus employees ever access your database without explicit consent for support purposes. Only when helping to you troubleshoot issues and analyze your database, with your explicit consent will an employee connect to your database.
Credit Card Safety
We do not see any of your credit card or bank information directly in our systems. We use Stripe to handle your card data and do not directly act with any of your financial information.
Have any questions or thoughts about security at Citus Data?