Architected from the ground up to secure your data, DSCVR’s cloud security infrastructure employs industry-standard best practices.TRY IT FREE
As a 1010data company, DSCVR is backed by a dedicated team of security professionals who comprise 1010data’s security center of excellence, ensuring our products offer a core security baseline and additional security options that allow for flexibility to meet or exceed requirements for various users and data sets.
DSCVR employs an International Standards Organization (ISO) 27002 inspired and National Institute of Standards and Technology (NIST) Cybersecurity Framework inspired security program where applicable to the cloud.
Hosted in the Amazon Cloud, DSCVR leverages robust built-in features of AWS including CloudWatch, CloudTrail, security groups, identity and access management, and key management.
DSCVR servers are hardened, and the system relies on only a small number of underlying operating system services. Stateful architecture provides each user a dedicated private instance of their environment and allocated working session.
Data is encrypted in transit. Brower interactions, browser-based data loading and data loads from Amazon S3 storage utilize a TLS connection. Large data sets are transmitted via an encrypted connection using SFTP and actively scanned for infection.
DSCVR maintains 24×7 security operations and escalation to a capability tier as necessary. In-house certified forensic and incident handlers, forensic retainer services and cyber liability insurance ensure a coordinated and timely response to incidents.
System administrators may only access data for purposes of support and debugging, and may not load data onto portable or removable storage. All privileged access to Amazon AWS is protected by multi-factor authentication. We maintain auditable logs of all user interactions involving customer data including user account, IP address and tables accessed.
Independent technical penetration testing performed to simulate complex and highly coordinated attacks with active remediation. DSCVR systems regularly undergo antivirus scanning, vulnerability scanning and patch management.
1010data Inc., the developer of DSCVR, is SOC 2 Type II independently certified. 1010data Inc. has built its security risk program based on the ISO 27002 and NIST Cybersecurity framework.
Our third party client and vendor risk program is built based on the widely known Shared Assessments program. Mutually negotiated Business Associate Agreements are available and encouraged for those data owners who upload any sensitive data.
1010data Inc. is Privacy Shield certified. Privacy Shield is a self-certification program that enables organizations to lawfully transfer personal data from the EU and Switzerland, to the United States in support of transatlantic commerce. 1010data staff are certified and participate in the International Association of Privacy Professionals (IAPP).