Security 🛡️
AccelerationCloud API services use strong security standards to protect our clients' data and ensure users' privacy. Security measures are implemented for both data at rest and data in transport.
Data Encryption
1.1 Our database servers encrypt data using the standard AES 256bit encryption. The encryption keys are rotated and managed in a network separated from the database and application servers.
1.2 They are stored in a fault-tolerant key management cluster with limited access. The master key is kept in a secure vault to ensure a maximum level of security.
Transmission Security
1.1 All data served over our REST API uses HTTPS. We regularly audit our security setup to ensure that the certificates we serve are up to date. We force HTTPS for all connections to our API server to ensure that data is always encrypted during the transport from our server to your application.
1.2 It is important that you use the same methods to ensure that data is encrypted all the way to the end user.
Data Isolation
1.1 Except for data encryption at REST and data encryption in transit, we are providing SaaS model to our clients, each custom uses its own data warehouse. Data will not be shared among different clients.
Logging
1.1 We maintain and log all the API calls and track the interactions with AccelerationCloud API.
1.2 We know when, where, what API the user used, and have an API portal dashboard to allow the admin to review.
SOC2 and PCI on the way
Updated about 1 year ago