Security and Compliance

Highlights

  • Revefi is built to industry-leading security standards. We follow enterprise-grade practices in protecting your data and ensuring compliance.
  • Revefi is built on top of Amazon AWS. Revefi's servers are hosted in the U.S. We only partner with third parties that are SOC 2 certified.
  • Revefi only extracts metadata, query logs and aggregated statistics. Revefi does not fetch individual records or PII from your environment.
  • All data in Revefi is encrypted in transit (browser to our app) and at rest (file system and databases) with the recent TLS versions (strong encryption).

Data Security

  • Encryption At-Rest: Revefi encrypts all data-at-rest using AES-256 encryption.
  • Encryption In-Transit: All data in Revefi is encrypted in transit (browser to the app) and SSL/TLS for database communication. All communication use TLS1.2+.

Information Revefi collects

Revefi collect, process and store the following information:

  • Metadata - Metadata such as names of tables, fields, field types, names and attributes of BI reports/dashboards, pipelines and other such metadata. This is done to build a catalog of warehouse, pipelines objects and BI objects along with schema information.
  • Metrics - Metrics information such as row counts, table size, last modification date and other similar table-level metrics. The metrics information allows Revefi to track table freshness, volume and other metrics.
  • Query Logs - Log of SQL queries, as well as information about them such as execution timestamp, user who executed the query, errors if any, etc. With this information Revefi provides lineage, usage analytics and query history information to help with troubleshooting and better understanding of the data.
  • Aggregated Statistics - Statistics may include null rates, distinct values, row counts, percentiles, and other similar metrics. This information is used for anomaly detection.

Compliance

SOC2 Type II:Revefi is SOC-2 Type II certified. We undergo regular pen-tests conducted by third parties to ensure that the platform remains secure and standards-compliant.

HIPAA: Revefi is HIPAA compliant. We protect sensitive customer data.

Additional Resources

Contact us for more information. SOC-2 Type-II, HIPAA and/or pen-test reports are available upon request.