Introduction

Security Policy

At Relokia, we deeply understand the value of your data. Ensuring its protection throughout the entire migration cycle is our top priority. Our approach is designed to safeguard your data, maintain its integrity, and ensure compliance with global security standards.

Principles and Commitments

Data Ownership.

Your data is exclusively yours. It is never sold or used beyond what is outlined in our agreement.

Access Control.

We restrict data access to what is necessary for migration, as set by you during migration setup.

Data Retention.

Data retention on our premises is strictly for the migration period and is controlled directly by you.

Support Excellence.

Our dedicated support team is always available, ensuring seamless and effective data migration.

AICPA

SOC 2 Compliance.

We are obtaining SOC 2 compliance, focusing on security, confidentiality, availability, and integrity principles.

AWS

AWS Infrastructure.

Deployed on AWS, adhering to various security standards (e.g., ISO 27001, ISO 27017, ISO 27018, ISO 27701, SOC 2, CSA, PCI DSS, and others).

Subservice Organizations Verification.

We perform regular compliance checks against our stringent security requirements.

GDPR

Data Processing Agreements.

We are compliant with relevant EU and US regulations and ready to sign DPAs per customer instructions.

PCI DSS

Payment Security.

We use PayPro Global for payments, a certified PCI Level 1 Service Provider.

HIPAA

HIPAA Compliance.

We are ready to sign a BAA for full HIPAA compliance.

Service Level Agreement (SLA).

We guarantee high reliability and performance standards, with detailed uptime commitments and responsive support protocols.

Technical Security Measures

Secure Migration Platform

AWS Infrastructure.

Our infrastructure leverages distinct AWS accounts for production and staging, providing clear environmental segregation. This setup is continuously monitored using AWS CloudWatch and safeguarded by AWS GuardDuty, ensuring vigilant security monitoring and threat detection.

Cloudflare WAF Deployment.

We employ Cloudflare's Web Application Firewall (WAF) to protect our web-facing services. This robust layer of security filters and blocks potentially harmful web traffic, offering DDoS mitigation and rate limiting to enhance our online security posture.

End-to-End Encryption.

Our commitment to data security includes comprehensive encryption of databases, storage solutions, and transmission channels. This practice ensures the confidentiality and integrity of your data throughout the migration process.

Secure HTTPS Protocols.

We mandate using HTTPS connections for all migrations, ensuring secure and encrypted communication channels.

Secure Access to the Platform and Data

OAuth 2.0 Authentication.

To provide secure and limited access during migrations, we employ OAuth 2.0 authentication protocols, allowing precise control over access scopes.

Data Segregation Strategies.

Each migration is assigned a unique identifier, storing customer data in dedicated, segregated environments. This ensures the isolation and security of your data.

Advanced Encryption Protocols.

We use the latest encryption methods to protect customer data. All encryption keys are securely managed within AWS KMS, providing an additional layer of security.

Controlled Employee Access.

Our employees' access to customer data is governed by strict protocols, ensuring that interaction with your data is necessary and authorized.

Monitoring the Migration Process and Support

Interactive User Dashboard.

The data migration service interface includes a comprehensive dashboard, offering real-time tracking and detailed status reports on data transfer.

Integration with BugSnag.

We use BugSnag for proactive issue detection and management, ensuring that any operational anomalies are quickly identified and resolved.

Dedicated Customer Support.

Our customer support team is readily accessible through multiple channels, with response times governed by Service Level Agreements tailored to customer subscription plans.

Service Status Transparency.

A regularly updated status page informs you about service availability and performance issues.

Full Control Over Data Post-Migration

Data Deletion Protocols.

Post-migration, customers can delete their data manually. Additionally, we have an automatic data deletion process, termed "archivation", for migrations that have been inactive for 30 days. This process includes removing all data from our storage, barring a single database that retains only essential statistical information.

Data Deletion Certificate.

Upholding our commitment to transparency, we provide customers with a detailed certification upon request for data deletion. This certificate offers crucial information such as the specific storage location of the data, backup status, retention duration, and an exhaustive description of the destruction process.

Help Desk Migration passed with flying colors, securing the highest 'A' grade after undergoing penetration testing. Count on us for not just secure, but impeccably safeguarded data migration.

Organizational Protection Measures

Risk Assessment and Vendor Management

Annual Risk Assessments.

We conduct comprehensive annual risk assessments and penetration testing. This proactive approach helps us identify and address potential security vulnerabilities in our IT systems and supported business processes.

Vendor Management.

Our vendor management process involves rigorous due diligence and establishing vital data protection requirements within our contracts. This ensures that all our vendors align with our high-security standards.

Personnel Security

Employee Training and NDAs.

Employees of the data migration service undergo extensive security awareness training upon onboarding and annually thereafter. Additionally, they review and acknowledge our Acceptable Use Policy annually. Employees and contractors must sign non-disclosure agreements, ensuring confidentiality and compliance even after termination.

MDM Solutions.

We implement a robust Mobile Device Management (MDM) solution to manage the security of corporate laptops. This includes enforcing encryption, ensuring timely software updates, setting OS password policies, and maintaining active firewalls.

Access Management

Authorization Protocols.

Access to IT systems and networks is thoroughly authorized before it is granted.

Password Policies.

We implement complex passwords and multi-factor authentication across corporate IT systems and laptops.

Personalized Accounts.

Our employees are provided with individual user accounts, ensuring traceability and accountability in production systems.

Annual Access Reviews.

We conduct annual reviews of access to our IT environment, maintaining strict control over who has access to what data.

Disaster Recovery and Business Continuity

Disaster Preparedness.

We regularly test our disaster recovery and business continuity plans to guarantee operational resilience. This ensures that our system infrastructure components can be swiftly restored during a disaster and that our company's key components remain available.

Secure Development

Commitment to Security.

The data migration team is dedicated to implementing secure software development practices, ensuring the integrity and security of our software products.

Emergency Change Control.

An established emergency change control process addresses urgent changes for incidents or critical business needs.

Automated Security Checks.

All pull requests undergo automatic checks, including Static Application Security Testing (SAST) and Software Composition Analysis (SCA) scans, for both application and infrastructure code.

Docker Image Scanning.

We run continuous vulnerability scanning in Docker image repositories, with scans triggered when new images are pushed.

Customer Security Controls

Our security team manages privacy, governance, risk, and compliance to ensure that our company's security meets high industry standards.

REPORT SECURITY CONCERNS OR INCIDENTS

security@relokia.com

CUSTOMER SUPPORT

contact@relokia.com

  • Single Sign-On (SSO)

    Seamlessly register or log in using your Google or Microsoft account. With SSO, you can bypass the hassle of remembering another password and gain quick access to start your data migration journey.

  • Two-factor authentication (2FA)

    Activate Two-Factor Authentication (2FA) in your Account Settings to add an extra layer of protection.

  • Role-Based Access Control (RBAC)

    Our data migration tool employs RBAC to ensure a secure and efficient migration experience. Roles are differentiated: a “full access role” with complete control over data transfer functionalities, and a “limited access role” that focuses on supporting the migration process.

  • Session Management

    Our Session Management feature allows you to log out from any device, providing comprehensive control over your account's security.

  • Migration Status Dashboard

    Stay informed with our user-friendly dashboard that displays the real-time status of your data migration. It provides detailed insights into records read, transferred, skipped, or failed.
