Introduction
The aim of this document is to answer the most frequently asked questions regarding Platform8’s Information Security Policy. Capitalised terms used in this Information Security Policy and not separately defined shall have the respective meanings ascribed in the or the Customer Specific Agreement.
Data Centers
Platform8’s goal is to enable you to share your information through API’s. For most use cases Platform8 collects your Data, stores it, and indexes it. At all times do you, the Data Provider, keep full ownership over your Data. Protecting your Data and the Data of your customers is extremely important to us.
If this document does not answer your questions and you require more in-depth information about Platform8’s Information Security Policy, please do not hesitate to contact us at via https://platform8.io/contact/
The Platform8 platform runs on the Microsoft Azure Cloud platform and therefore in Microsoft’s datacenters. Microsoft cloud services are audited at least annually against SOC 1 (SSAE18, ISAE 3402) and SOC 2 (AT Section 101) standards. More information is available on The Microsoft website.
The Platform8 platform deploys services on (Tier 4) Microsoft Azure data centers in West Europe only.
Misuse
Platform8 aims to be on the cutting edge of compliance and delivery. Live data can never be accessed by anonymous parties. A Data User can access Data only if granted that access by the Data Provider. Additionally, Platform8 closely monitors API usage and, if detecting an account with indications of suspicious activity, takes immediate action as appropriate for the specific case, such as suspension of access, contacting the Subscriber and/or contacting the Data Provider.
Application Security
Platform8 fully understands the importance of that software security. In addition to continuously scanning its code for vulnerabilities, Platform8 also:
- Securely transfers all your Data and encrypts it at rest;
- An independent penetration test, to be repeated annually;
- Is preparing for ISO 27001 and 27002 certification.
If you identify a vulnerability in a Platform8 site or service, you can identify it to us via https://platform8.io/contact/
Operational Security
Access to Platform8 systems and your Data is restricted only to those who need access in order to provide you maximum support. Platform8 maintains a strict separation between its development, test, and production environments.
With its employees, contractors, and vendors working on its behalf, Platform8 has in place:
- Signed confidentiality agreements;
- Termination/access removal processes;
- Acceptable use agreements.
Security is the responsibility of everyone who works for Platform8. Platform8 trains its employees to identify security risks and empowers them to take action to prevent bad things from happening.
Business Continuity/Disaster Recovery
By deploying its platform to Microsoft Azure Cloud platform, which has redundant and geographically separate data centers, Platform8 can provide you with consistent services. All service layers (ingestion, storage, processing, API management and identity management) are deployed with redundancy so as to allow for quick recovery in case a single data center goes down.
Privacy
You can review the Platform8 privacy policy, but let us already state very clearly that we are committed to the confidentiality of your Data.
Links to Third Party Websites
Platform8 assumes no responsibility for the accuracy or content of third-party information on this website, as well as the accuracy or content of any third-party websites accessed through hyperlinks on this site.
The inclusion of links to other websites should not be interpreted as an endorsement or recommendation of those sites or the products offered on them. This also applies to websites hosting our content, such as video files on platforms like YouTube, Twitter, and Facebook.
We do not endorse any advertising, related material, or other content that you may come across on these sites while accessing our content. It is advisable to consult the terms and conditions of use, privacy policies, and copyright policies of those websites when visiting them.
Version v1.1.0
Last Updated 23/05/2023