ElephantSQL Security Policy
This Security Policy was last revised on May 13, 2020.
Cloud security is important for the protection of hosted information. Even small gaps in security coverage can put everything at risk, including data, customer information, uptime, and potentially a company’s reputation. A certain amount of confidence is needed when relying on third-party vendors to manage and handle your data. We want our customers to have a general understanding of what we at ElephantSQL are doing to protect the integrity of their data.
This living, continuously-updated document will give a brief introduction to the security policies at ElephantSQL. Because effective security is a team effort, our security policies are not limited to this document alone. We routinely audit and manage the security of our services and adopt best practices for our security policy.
Our internal development, operations, and processes have been constructed to provide maximum data security.
1. System security
1.1 Coding Standards and Development
A well-built environment starts with high coding standards that guard against attempted security breaches and are accompanied by code reviews and tests. We have strict development processes and we are following specified coding standards to ensure the best security practices.
1.2 Application Security
System components undergo tests (various black box and white box tests) and source code reviews to assess the security of our application interface, architecture, and service layers before we add our code into production. ElephantSQL always reviews the security of third-party applications before we are adding them to ElephantSQL services.
1.3 System Configuration
Server and system access is limited to a few authorized people at ElephantSQL and requires short-lived signed SSH keys and two-factor authentication. Furthermore, everyone at ElephantSQL is forced to enable two-step authentication on every cloud platform that provides it (such as AWS and Heroku). Individual authentication credentials are never shared.
1.3 Patch Management
ElephantSQL always applies patches when advised by the manufacturer for our servers and associated devices. Critical patches are applied within 48 hours of release.
1.3 End-Point Security
All end-points (computers, laptops, mobile phones, etc.) use encrypted storage, secure passwords, and auto-locking mechanisms. In the case of mobile phones, only applications from trusted application stores such as the AppStore and the Google Play Store are allowed. All end-point devices are patched to the latest stable OS update and application updates. Malware and anti-virus applications are installed where applicable.
2. Physical Data Center Security
Our physical infrastructure is hosted and managed on a range of different data centers (AWS, Azure, GCE etc.). We rely on their flexible and secure cloud infrastructure to store data logically across multiple cloud regions and (in AWS) availability zones. The data centers ensure the utmost in data security and protection and that all data is stored in highly-secure locations. All data centers that run our solution are secured and monitored 24/7. Physical access to data center facilities is strictly limited to select cloud staff. The data centers and staff continually manage risk and undergo recurring assessments to ensure compliance with industry standards.
How specific data centers handle fire detection, power loss, climate disasters, temperature control, data center management, and other disasters can be found on the data centers' websites.
- AWS Cloud Security: https://aws.amazon.com/security/
- Google Cloud Platform Security: https://cloud.google.com/security/
- Security Features in the Azure Platform: https://azure.microsoft.com/en-us/support/legal/security-overview/
3. Customer Data Security
ElephantSQL provides several security capabilities and services to increase privacy. No one will be able to connect or view your PostgreSQL server as long as you take care of your connection credentials. All customer information used in the development and test environments is anonymous.
3.1 Data in Transit (Cryptographic Policy)
ElephantSQL uses SSL/TLS to secure data in transit. SSL certificates are updated on a regular basis or in an event of a security advisory from external security centers. You have to enable TLS/SSL to and from your application to ensure secure transit between ElephantSQL and your application (read more in section 3.3.3 TLS).
3.2 Data at Rest
Data are replicated across all follower plans. Data can be encrypted for additional security of data at rest.
3.3 Customer Best Practices for Security
This section describes what you can do to protect your account in the best way possible.
3.3.1 Password Protection and 2-step verification
You are responsible for maintaining the security of your unique password and account information at all times. We recommend you to use strong passwords that rotate, which can be done from the control panel of your instance. We also recommend that everyone in the team enable two-step authentication to secure access to your account even more.
Use ElephantSQL teams to invite your co-workers to your project rather than sharing user credentials.
3.3.2 Unusual Account Activity
We want to keep you in the loop on important actions on your ElephantSQL account. Therefore we will notify you via email if we detected something unusual about recent access.
3.3.3 TLS and Encrypted Data
ElephantSQL does support TLS (SSL) to encrypt your data in transit. We advise that you take your own measures to protect sensitive data transmitted to and from applications. Note that TLS only secure messages during transport. What we recommend for highly sensitive information (HIPAA, PCI, etc.) is that the data that is being sent is encrypted at the client level.
4. People Operations
4.1 Recruiting and Hiring
All employees undergo pre-employment background checks and must agree to company policies before starting their employment (including confidentiality and security policies).
4.2 Onboarding Policy
All new employees at ElephantSQL undergo Security Awareness Training as well as Compliance and Policy Training, to help ensure that employees understand their individual roles and responsibilities concerning data processing and controls.
4.3 Exit Policy
During employee exit processes all login details for employees who have resigned are removed and ssh keys are rotated. All data on electronic devices used by the employee who has resigned are completely removed.
The employee who has resigned signs an agreement to not mention anything about business operations or customer detail.
4.4 Security Awareness Training
We provide an ongoing yearly program of Security Awareness Training designed to keep all members of staff informed and vigilant of security risks.
4.5 Employee Access to Customer Data
A few employees at ElephantSQL are able to access the server and PostgreSQL but will not view any messages sent across our servers without permission. ElephantSQL cannot access data that has been encrypted at the client level.
4.6 Employee Devices
All electronic devices used by ElephantSQL employees have enabled disk-based encryption.
Please feel free to contact us with any questions about this Security Policy, suggestions or concerns about any of the points outlined above at email@example.com For reporting security issues, see our Vulnerability reward program