Security Highlights
The entire Seemore team is focused on keeping you and your data safe. We use industry standards including OWASP, NIST, ISO 27001, and ISO 27701 to guide our security program and engineering practices
Access Management
Seemore Platform has implemented multiple access controls to ensure the confidentiality, integrity, and availability of Seemore. All access is provisioned by role and the principle of least privilege. Our controls include multi-factor authentication requirements, strong passwords, an identity provider, Zero Network Trust Access tooling for production environments, mobile device management, and quarterly access reviews, to name a few.
Asset Management
- Seemore platform has established configuration standards across all of its managed endpoints to ensure assets are configured securely and identically.
- Laptops are protected by full disk encryption using FileVault2.
- A tool is in place to enforce the use of standard production images for production servers.
Availability, Business Continuity, & Disaster Recovery
- Seemore Platform is hosted in AWS, and deployed across multiple AZs (availability zones) in a region.
- Our retention of backups is a minimum of seven (7) days.
- Our staff is remotely distributed providing support to customers globally. Our distributed workforce allows us to provide support virtually from anywhere and reduce the impact of support interruption in a geographic location.
- Our Business Continuity, Disaster Recovery, and Incident Response Plans are tested annually via tabletop exercises.
Communication & Encryption
- All connections to the Seemore platform are encrypted by default, in both directions using modern ciphers and cryptographic systems.
- Any attempt to connect over HTTP is redirected to HTTPS.
- We use HSTS to ensure browsers interact with Seemore Platform only over HTTPS
- We utilize AES-256 for all data encrypted at rest.
Penetration Testing
Seemore Platform undergoes annual penetration testing from an outside provider and regularly installs the latest, secure versions of all underlying software.
Security Protocols
- Seemore platform data centers are hosted using Amazon Web Services, where they are protected by electronic security, intrusion detection systems, and 24/7/365 human staff.
- Seemore platform uses actively maintained, long-term-supported operating systems that are kept up to date with the latest security patches.
- The Seemore platform uses a dedicated firewall and private network to prevent unauthorized network access.
- We limit access to sensitive data to those with a business reason for access.
Shift Left (SDLC)
- Seemore follows a shift left security model to ensure security is engaged early and often throughout development.
- Our engineers are required to complete secure code training at least annually and they follow OWASP guidelines per our Security Development Lifecycle.
- All code must be peer reviewed before production, as part of our Change Management Policy.
- A security and privacy data protection impact assessment must be completed for all product feature requests and product feature changes.
Vulnerability Scanning
New vulnerabilities or new patches are detected from the various monitoring and scanning Seemore platform has in place. Many vulnerabilities will be addressed within 24 hours by automated update processes, at which time the vulnerability is closed out. Engineering tracks any vulnerabilities not addressable through automation through resolution.
FAQ
Does Seemore platform have access to any of our warehouse data?
No. We only have access to the Snowflake metadata database. This includes object metadata and usage metrics for your account. For example, the number and names of the tables in your databases, or the historical queries that have been run in the account. We cannot access any of the underlying tables or datasets in your account(s).
Does Seemore hold any security certifications such as SOC 2, or ISO27001?
Yes, we are SOC 2 Type 2 certified. Please reach out to security@seemoredata.io to request a copy of our SOC 2 report.
How is customer’s data protected and who has access to Seemore platform data?
All data is encrypted in transit and at rest. Only a subset of senior employees have access to data on the Seemore side. Those with access to customer data is regularly reviewed and revised by the team.
In terms of application security, How does Seemore deal with security reports received from security
researchers?
Seemore receives reports through the email address of security@seemore.io. We review every single report that we receive. We do not have a formal bug bounty program but we do have a process and set of policies and standards we adhere to to process security requests.
Do you have a list of third parties that Seemore uses?
We use a subset of third parties largely for analytics, email marketing and payment processing. There is no PII sent to third parties and no Snowflake metadata is shared with third parties.
Do you have a security contact person in case of breaches?
The team responds to messages at security@seemoredata.io. Upon request a security employee can be
temporarily assigned to your account as well.
In terms of logging, do you log access activities of Seemore employees who have access to the data?
Yes.
Does Seemore store any information regarding metadata in the database?
Yes. We store basic metadata about our customers’ warehouse accounts in our database in order to be able to show corresponding costs for associated warehouse resources. We do not have the ability to access any of the underlying datasets or resources in your warehouse account(s).