For additional information, or requests for Customization to meet stricter data security requirements (ex. creating a dedicated cloud environment in your private network), please reach out via Enterprise@BlazeSQL.com.
Last updated: 29.06.2023
BlazeSQL, powered by Google Cloud Platform, automatically provides encryption at rest. All user data stored in our applications is secured under the 256-bit Advanced Encryption Standard (AES-256). This encryption method is applied to all data within the computing, storage, networking, and off-site media at Google data centers.
BlazeSQL ensures that all data-in-transit is securely encrypted using HTTPS with Transport Layer Security (TLS). This security measure ensures that all communications between BlazeSQL and the cloud servers are securely encrypted, thwarting any potential data interception.
Google Cloud Firestore, which BlazeSQL uses for data storage, automatically encrypts all data both at rest and in transit. Advanced custom security rules can be used to control access to critical data, ensuring that only authorized accesses are permitted to read or write data.
Google Cloud Platform holds several key security accreditations including ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, and GDPR. For specific enterprise needs, Google Cloud additionally offers Cloud HSM to manage cryptographic keys, adhering to FIPS 140-2 Level 3 compliance.
Invitees can either only read, or read and write (creating, updating, and deleting tables) depending on the level of access granted by the admin.
Databases added to BlazeSQL are controlled by the person who added them ("the admin"). Only individuals explicitly selected by the admin ("invitees") can view the database.
Enterprise customers can opt to record events for monitoring and troubleshooting system performance and security. Users require unique accounts, allowing enterprise customers to precisely monitor and trace all activity.
• User Activity: Details like who generated, modified, or deleted SQL queries, which data they accessed, the timestamp of their activities, and more.
• Security Events: Failed login attempts, changes in user roles, or access permissions.
• System Activity: Records of system events, such as system shutdown, updates, or system errors.
For the case of an incident, BlazeSQL has the following customizable response strategy:
BlazeSQL will leverage Google Cloud Platform's (GCP) built-in security controls and Firebase's real-time monitoring capabilities to ensure quick identification of potential incidents. Any unusual system activities will be instantly flagged and reported.
Upon notification, BlazeSQL's dedicated security team will assess the reported incident's severity, documenting the extent and potential impact, prioritizing incidents according to their severity.
The team will immediately isolate the affected components to limit any potential data exposure or system damage, leveraging GCP and Firebase's infrastructure to control the situation. The source of the incident will be identified and eradicated.
BlazeSQL will utilize GCP's robust data recovery and backup solutions to restore affected services and data. The recovery timeline will largely depend on the incident's nature and severity.
Post-recovery, an incident review will be conducted to understand the root cause, measure the effectiveness of the response, identify any gaps in security controls, and develop a plan to strengthen system security and prevent repetition..
Transparent and timely communication will be maintained with all stakeholders throughout the process. Post-incident, concrete steps taken and improvements in system security will be communicated to reinforce confidence in BlazeSQL's commitment to data security and privacy. All incident response actions will align with BlazeSQL’s stated data privacy and security policies, as well as regulatory requirements. BlazeSQL is committed to continually improving its incident response action plan so it can swiftly react to and recover from any potential security incidents.
If you have any questions or special requirements that are not met by the standard data policy, please contact us at: Enterprise@BlazeSQL.com