Trust and Security

At RocketVisor, we believe that the cornerstone of trust is security.  We work tirelessly to maintain that trust with our world-class systems and processes.  As such, we have put in place the following procedures to safeguard your data and allow your company to fulfill it’s duty to your customers:

Best Practices: Protocols & Policies

  • Full review of major initiatives by RocketVisor Security Council (“RVSC”) for threat assessment and security evaluation
  • Quarterly internal audit of systems and processes by RVSC for security vulnerabilities and best practices
  • Notification of known breaches to appropriate parties within 24 hours

Monitoring & Logging

Our operations team constantly monitors the health and security of our servers.

  • Daily monitoring of system health and scanning of security vulnerabilities, both manual and automated
  • Detailed access logs of every data transfer for monitoring and audit, and automated alerts around anomalous or root access
  • Quarterly review of security monitoring procedures by RVSC

Data Transfer & Networking

How our data travels: Encryption. Always.

  • Industry standard SSL encrypted communication for authentication and data communication with all servers
  • Minimal data transfer by optimizing local data storage on customers’ machines
  • Virtual Private Cloud configuration creates firewalls around our systems

Data Storage, Access & Protections

Who has access and what they see.

  • We limit access to all systems and data on an as-needed basis
  • All employees and contractors undergo strict vetting and are obligated not to disclose any customer data they may come into contact with
  • Tight access controls and permissions, quarterly review by RVSC
  • Broad system-level permissions hierarchy, and granular data-level authorization tagging built-in
  • All customer data stored in an encrypted data warehouse with anonymous key relationships
  • All analytic data stored in an encrypted data warehouse without any personally identifiable information

Data Backups & Disaster Recovery

Data loss is not an option.

  • Customer data is 100% backed up to online replicas
  • Our operations team monitors platform and application behavior for anomaly detection
  • All services are configured in automatic scaling groups that scale up to meet peak demand
  • We will proactively notify you of any customer-impacting situation

GDPR Compliance

RocketVisor currently complies fully with the EU and EEA laws regarding transfer of data subject information to a data processor.

  • Customers maintain full ownership of their data, which can be exported in its entirety upon request during your contract and for 60 days following.
  • Our primary data sub-processors, e.g. Amazon Web Services, maintain industry-leading security standards (where possible, SOC2 and/or ISO 27001 certifications) and undergo periodic vendor reviews.
  • Sensitive customer data is encrypted at rest and when traversing over public networks.

Last Updated on October 18, 2018