Like many SaaS offerings, Auvik stores data in a cloud-hosted, multi-account environment. We follow industry best practices in every aspect of secure data collection and storage.
Auvik servers use an industry standard four-tier architecture, with security protocols at every layer. Even if someone gained unauthorized access to our system, the risk of them being able to compromise all four layers to see or make use of customer data is extremely low.
As soon as information from your network reaches the Auvik system, it’s partitioned in such a way that it’s impossible for data to cross from one account to another.
All the credentials you share with Auvik are sent to the cloud and stored there using AES-256 encryption. They’re decrypted and made available to the system only as needed for delivering product features. AES, or the Advanced Encryption Standard, is a symmetric block cipher used by the U.S. government to protect classified information.
At Auvik, we make it impossible for non-approved employees to access customer information. In order to access customer-specific servers, a special SSH key is needed. The key is accessible by a bare minimum of necessary Auvik personnel. For additional security and to ensure access privileges are kept up to date, the SSH key is rotated every month or anytime someone leaves or joins the access group.
Data center security
Auvik servers are kept in secure, state-of-the-art Amazon data centers. These data centers have the following security attributes:
- Electronic surveillance of servers
- Multi-factor access control systems
- Staffed 24-7 by trained security guards
- Achieved ISO 28001 certification
- Achieved ISO 9001 certification
- Undergo regular SOC 1 audits