Security - Evidence Cloud
Note: If you are using Evidence Open Source, we do not process, store or host any of your data or credentials
Evidence is SOC2 compliant. See security.evidence.dev for a detailed breakdown of Evidence's security posture, controls, and compliance certifications.
We are committed to the highest standards of security across all our products and services, ensuring the confidentiality and integrity of your data at every step. Evidence is a trusted partner of enterprises, public companies, and national governments around the world.
The following measures are in place to protect your data:
| Security Measures | |
|---|---|
| Data Encryption | All your personal and project data reside on an isolated network and are encrypted at rest. |
| Database Credentials | Your database/warehouse credentials are safeguarded with an additional layer of encryption, shielding them further against unauthorized access. |
| IP Whitelisting | You can optionally restrict access to your database/warehouse even further by whitelisting Evidence Cloud’s IP addresses. |
| Fully Isolated Environments | Your deployment builds are executed in entirely isolated environments, ensuring the highest level of security and preventing any potential cross-interference between different customers and the rest of our system at large. |
| Hosted Data | Your Evidence deployment data (e.g. query results) is encrypted at rest using state-of-the-art encryption techniques and secured in transit using HTTPS. |
| Secure Network | A majority of Evidence’s backend systems operate within a secure, isolated network, ensuring enhanced protection. Essential online interactions, like serving web pages, are fortified with TLS/HTTPS encryption. |
| Access Controls | We maintain strict access controls, ensuring that only authorized personnel can access sensitive information, with activity logging enabled for enhanced security. |
