Data Security in Evidence
Evidence is SOC2 compliant. See security.evidence.dev for a detailed breakdown of Evidence's security posture, controls, and compliance certifications.
We are committed to the highest standards of security across all our products and services, ensuring the confidentiality and integrity of your data at every step. Evidence is a trusted partner of enterprises, public companies, and national governments around the world.
The following measures are in place to protect your data:
| Security Measures | Description |
|---|---|
| Data Encryption | All your personal and project data reside on an isolated network and are encrypted at rest. |
| Database Credentials | Your database/warehouse credentials are safeguarded with an additional layer of encryption, shielding them further against unauthorized access. |
| IP Whitelisting | You can optionally restrict access to your database/warehouse even further by whitelisting Evidence Cloud's IP addresses. |
| Hosted Data | Your Evidence deployment data (e.g. query results) is encrypted at rest using state-of-the-art encryption techniques and secured in transit using HTTPS. |
| Secure Network | A majority of Evidence's backend systems operate within a secure, isolated network,
ensuring enhanced protection. Essential online interactions, like serving web pages, are fortified with TLS/HTTPS encryption. |
| Access Controls | We maintain strict access controls, ensuring that only authorized personnel can access sensitive information, with activity logging enabled for enhanced security. |
