Information Security Management
Network and Application Penetration Tests
Do you conduct network/application penetration tests of your cloud service infrastructure regularly?
Yes.
Tenant Data Encryption and Segmentation
Is Auto Insights able to logically segment/encrypt customer data in such a way that access to data is confined to a single tenant without being provided inadvertently to other tenants?
All tenant data is stored either in logically separated directories within network file systems with at-rest encryption, or in logically separated tables within databases including MySQL and Clickhouse hosted on encrypted disks. We use our in-house access management systems to ensure data segregation for end-users.
Data Storage Location
Are you able to restrict the storage of customer data to specific countries or geographic locations? Do you provide tenants with geographically resilient hosting options?
Auto Insights Classic is available in several regions. See Where Is Auto Insights and My Data Hosted?
Information Security System Management
Do you restrict, log, and monitor access to your information security management systems (for example, hypervisors, firewalls, vulnerability scanners, network sniffers, and APIs)?
Access to information security management is restricted to the Auto Insights Platform Team, which maintains, logs, and monitors the system.
Firewalls
Are system and network environments protected by a firewall or virtual firewall to ensure compliance with legislative, regulatory, and contractual requirements?
Yes.