Secure & private,
by design

Customer trust and data security are keystone to everything we do at RestApp.
When it comes to security, we consider it as a priority and an ever-ongoing process.
Find out how we keep your data safe.

Compliant with EU data security standards

SSL Secured

Secured measures by design in our codebase as well as SSL encryption further protect your data against a wide range of attacks.

Authentication

We use state-of-the-art authentication technology and SSO. Govern the users roles with multi-level access to monitor full external and internal control.

ISO Certified

All data is stored and processed on ISO-certified servers in EU. Additionally, back-ups are filled in different locations.

We value security and protect your data

As a RestApp customer, you entrust us with some of your most sensitive and valuable data.
As such, safety is our constant priority and we secure every pice of our platform.

 

 

GDPR compliant

We have designed RestApp in order not to store but just process sensitive data as fast as possible.
Thus, it is our priority to be compliant with modern data privacy best practices.

High-end processing architecture

Our sync engine has been designed from the very beginning to use your data warehouse’s own execution engine to perform sensitive operations, meaning that virtually none of your customer data is actually stored on RestApp’ servers.
This makes RestApp “secure by default” against many common attacks.

Built on top of the world's most secure cloud infrastructure

We host our servers in the EU and only work with cloud providers whose datacenters are SOC 2 and ISO 27001 certified.
These cloud providers guarantee the physical and network security of RestApp’ servers and help us ensure that our server software is always up to date and protected from any newly-discovered threats.

Use the least privileges needed for handling data

RestApp does not require super-user access to your data warehouse and will request the fewest OAuth scopes needed to your SaaS applications in order to provide the RestApp platform.
The secrets we store with enterprise-grade OVH Secrets Manager which is both PCI and SOC 2 compliant.
For the purpose of connection with data warehouses, we support an SSH connection in case the data warehouse is located in a private subnet.

Data and tools to audit your organization's RestApp usage

RestApp records audit logs of any changes made to your models or sync configurations.
As a result, you know which users made changes and when.

Best practices for developing security software

RestApp is developed using isolated staging and production environments, encrypted credentials separated from code, and “infrastructure-as-code” that eases auditing and permits fine-grained access to cloud resources.

Data encrypted in transit & at rest

RestApp uses recent SSL and TLS versions for all connections between systems.
From your browser to the RestApp application, from our servers to your data warehouse or SaaS application, as well as internally between our own services and databases.
The data pipeline at RestApp is fully encrypted in transit and at rest, using the in-memory data structure store MongoAtlas running our ephemeral workers. We do therefore not see the data we are processing.

Security is our priority.
If you want to learn more about security processes, reach out to us at security@restapp.io.

Ready to experience operational analytics
without code?
Product

Solutions

Resources