Security

Security Basics

• Silota does not store a copy of your data. We send SQL over the wire and only retrieve the returned results. Your data stays safely and securely in your database.
• All SQL / results are transmitted using SSL security, and all database connections use a read-only user. Silota cannot, and will not, write to your database or alter it in any way.
• You connect your database to Silota by entering your database credentials. These are kept strictly private and are securely encrypted using industry standard 128-bit AES Encryption.
• The results of a query are temporarily cached inside our secure VPC. The cache is necessary to improve performance and to protect your database from too much load. These results automatically expire using S3’s object lifecycle management.
• Our servers and databases are impossible to connect to outside of our VPC (virtual private cloud, similar to a VPN but for AWS servers).

Data At Rest

1. Backups & Business Continuity

Your data is backed up at least once a day and in at least two different geographical locations for maximum protection against data loss or corruption.

2. Storage Layer

Silota’s application servers are separated from database servers that store your data.

3. Maintenance

All of our servers are regularly patched to ensure your data is protected against the lastest vulnerabilities.

Application Security

We take the AAA approach to application security:

Authentication

Users must have valid authentication credentials before being able to view dashboard, charts and run queries. All account passwords and keys are encrypted and not viewable by Silota personnel.

Authorization

Furthermore authenticated users need to have the right level of authorization in order to make changes or configure the dashboards. For this purpose, we provide write and read keys.

Accounting

We track all access and usage of your account, allowing for auditing and tracing.

Have a question?

Feel free to contact us should you have any questions - support@silota.com