Security

Skyvia is committed to security and focused on keeping your data and your credentials safe. We use industry-leading security practices when connecting to data sources and loading data from/to them

Hosting and Physical Security

Skyvia is hosted in a secure Microsoft Azure cloud, in west US data centers. Microsoft works hard to provide customers the best security and protection for their data, and security is built right into their Azure platform.

Microsoft Azure Cloud servers run in secure data centers, and access to them is restricted only to authorized personnel. Microsoft Azure Cloud implements the best security practices and complies with a wide set of national, regional, and industry-specific requirements and security standards - SOC 2, ISO 27001, and many others.

Compliance and Privacy

To keep your data secure and private, Skyvia stores users' private data encrypted using AES 256-bit encryption. Encryption keys are unique for every user, and our employees don't have access to them, and cannot decrypt users' data. Only the top level administrators have administrative access to Skyvia's virtual machines.

Skyvia complies with the European Union's Global Data Protection Regulation (GDPR).

Skyvia complies with HIPAA requirements for Protected Health Information (PHI), and we are ready to sign a Business Associate Agreement (BAA) with customers who are subject to HIPAA mandates.

Skyvia is PCI DSS -compliant. We use Avangate for processing payments. Avangate handles all the payment details. Your private data is 100% safe, as Avangate complies with the latest online security standards and is PCI DSS-certified. No payment information is handled or stored by Skyvia. For more details, you can review Avangate's Terms and Conditions and Privacy Policy.

Retention of User Data

Users' private data stored by Skyvia, is encrypted at rest using AES 256-bit encryption, which is one of the strongest ciphers available.

Skyvia stores the following users' data:

  • Backups - User data backups, created by Skyvia Backup are stored in secure Azure GRS storage. Skyvia uses Microsoft Azure redundant storage mechanisms to ensure that the data are not lost even in case of hardware failures. Users' backup data cannot be accessed directly, and can be accessed only via Skyvia services. Whenever necessary, users can delete their backups when they don't need them anymore.
  • Export results - When the user exports their data to a locally downloadable file, this file is stored on Skyvia servers for 7 days, so that the user could download it. The user can delete them earlier, if necessary.
  • Integration logs - Skyvia stores per-record error logs when Data Integration fails to load some records, and these logs may contain some users' data. For certain integration kinds and certain data sources Skyvia also stores per-record logs of successfully loaded records. They are not stored forever, from time to time old logs are deleted, and you can delete old logs manually. See more information in our documentation.
  • Connection parameters - To maintain automatic backup, integration, etc., Skyvia stores the necessary connection parameters for your data sources. Credentials are stored encrypted using AES 256-bit encryption.
  • Connection metadata - Skyvia stores names and types of objects and fields in users' data sources in order to display them in its user interface. This is the only part of users' data, visible to our employees. They may access it in order to provide better assistance to the users in their specific use cases.
  • Temporary cache - Occasionally, when running users' queries or integrations, Skyvia may cache some of the users' data. This cache is stored only while the operation is running, and is immediately deleted after it finishes.

If our user prefers to stop using Skyvia and delete their account and all the connected data, they need to contact our support and ask us to delete their account. After a confirmation, we will delete the account and all the related data.

Network Security

Skyvia is using an Azure Virtual Network inside the Microsoft Azure platform. All the virtual machines, on which Skyvia is running, are protected by the firewall and routing rules, and only ports, required for Skyvia functioning, are open.

Skyvia can be accessed only via HTTPS. All the users data is encrypted in transit using TLS end-to-end encryption and strong encryption keys with length of at least 128 bits. All the interactions between our interface and APIs are also encrypted.

Connection Security

For all the data sources that support OAuth connections, Skyvia uses OAuth connections by default. This means that you don't need to provide your data source credentials to Skyvia, and they are not stored on our servers. You can revoke OAuth access to your data at any time. These OAuth tokens are stored encrypted on Skyvia.

For data sources that do not support OAuth, credentials are stored in an encrypted form on our server in the Microsoft Azure Cloud. Our employees don't have access to connection strings of our users - for both OAuth- and credentials-based connections.

Authentication

Skyvia allows signing in either by creating an account with username and password or by using Single Sign-On (SSO) with Google or Salesforce. For username/password accounts, Skyvia uses strong hashing mechanism for passwords. Passwords are not stored on Skyvia servers, only secure hash is stored.

Company Policies

Skyvia is developed by Devart - a company with 20+ years experience on creating data connectivity solutions and database tools, having more than 40 000 customers , including companies from Fortune 500 and Fortune 100. It is developed using all the necessary secure coding practices and standards. Skyvia developers are experienced and trained for secure coding, and Skyvia's code includes measures for minimizing and mitigating security risks and breaches. Skyvia team regularly conducts automated security tests and checks for vulnerabilities.

Last updated: May, 2018