MOUNTAIN VIEW, CA (April 24, 2023) - Trust is at the foundation of what we do. Indeed, trust is in our very name! Not only do our customers trust us to help them use and share their data securely, but they also trust that our products were built to the highest standards of application security and secure development.
Today TrustLogix announces external validation of the high bar for trustworthiness that we have set for ourselves, and also describe in more detail how our platform design helps ensure we are a trusted choice for enterprise data security.
SOC 2 Type 2 Certification
First, we are proud to announce that we recently achieved SOC2 Type II certification, which verifies our ability to provide robust data security and privacy for our customers’ most sensitive and valuable data. With SOC2 Type II Certification, our customers are assured that we meet a very high bar for secure internal operations and development practices.
Data Cloud Partners Validation
To ensure we are correctly connecting and accessing data platforms’ native capabilities, TrustLogix has partnered with those vendors and ensures we are integrating correctly and securely without touching or moving data. For example, TrustLogix was among the first vendors that Snowflake awarded Data Governance Accelerated certification, and we also achieved AWS Select Technology Partner certification.
Privacy-First Architecture: Protecting Your Data without Seeing or Touching the Data Itself
So, let’s peel back the onion, and look at how our platform design ensures the safety of sensitive data.
First, TrustLogix is a non-invasive, agentless, proxyless cloud-native platform that runs without seeing or moving the data itself. We do not require embedding any agents or proxies in your network, and do not require any changes to your databases or data pipelines.
The “secret sauce” that makes this possible is the Trustlet, a cloud-native serverless component that discovers data access issues and risks, and defines and applies access policies across all of your data platforms such as Snowflake. Discovery is done by querying metadata and reading query logs, and the access controls themselves are enforced via API using the target platforms’ native capabilities. The actual data is never seen or touched. It is those platforms’ native capabilities that see and touch the data itself.
Customers have complete control over where Trustlets are run, either as a SaaS, hosted by TrustLogix, or within the customer’s own customer-managed cloud. Customers also control when and how Trustlets connect with their data platforms, simply by providing a connection string, which can be removed or its permissions revoked at any time. We also can leverage the data platforms’ advanced security features, such as their native key vaults, and connecting via secure connections such as AWS private link.
This combination of being “hands-off” from the data itself, while putting deployment and configuration completely within the control of our customers, is what makes us a safe choice for data security.
Summary
TrustLogix has invested in not only an innovative cloud data security platform, but also in ensuring we meet the highest bar for application security, data security, and secure application development. You may reach us directly at hello@trustlogix.io for access to the SOC2 report. But don’t just take our word for it, try out TrustLogix yourself, by signing up for our free trial, or you can request and demo walk-through and discussion around your specific needs.
Additional Resources