No direct connection between Octopai and user data source
Highest level vault encryption
Option for Azure or AWS worldwide customer dedicated Octopai VM
Single-directional push process
We do not have the ability to pull anything from the user's systems
We deal with metadata only - not data
3 Levels of Cloud Security
Double Firewall - including IP filtering
Encryption in motion - HTTPS
Encryption at rest - Encrypted Virtual Data Disks
Data Center & Network Security
Octopai hosts all its software on Amazon Web Services (AWS) and Microsoft Azure. See AWS and Azure compliance and security documentation for more information.
All of Octopai’s servers are located on our own virtual private cloud (VPC), protected by restricted security groups allowing only the minimal required communication to and between servers.
Metadata Security
All connections to Octopai are encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS. We maintain DigiCert SHA2 Extended Validation Server CA certification.
System passwords are encrypted using AWS KMS and Azure Key Vault with restricted access to specific production systems.
Octopai customers may configure a data retention duration and customer data is purged from Octopai systems following contract termination.
We use industry-standard SQL Server data storage systems hosted on AWS and Azure.
Application Security
Octopai login requires strong passwords. User passwords are salted, irreversibly hashed, and stored in Octopai’s database.
In addition to Octopai’s extensive testing program, we conduct application penetration testing by a third party at least once per year.
Web application architecture and implementation follow OWASP guidelines.
All access to Octopai applications is logged and audited, and logs are kept for at least one year.
