YOUR METADATA IS SAFE WITH US
Octopai takes continuous measures to ensure compliance with industry best practices so that customers are never exposed to malicious code
No direct connection between Octopai and user data source
Option for Azure or AWS worldwide customer dedicated Octopai VM
Highest level vault encryption
Single-directional push process
We do not have the ability to pull anything
from the user's systems
WE DEAL WITH METADATA ONLY - NOT DATA
Security Compliance and Certifications
3 Levels of Cloud Security
Double Firewall - including IP filtering
Encryption in motion - HTTPS
Encryption in motion - HTTPS
Double Firewall - including IP filtering
Data Center & Network Security
Octopai hosts all its software on Microsoft Azure.
See Azure compliance and security documentation for more information.
All of Octopai’s servers are located on our own virtual private cloud (VPC), protected by restricted security groups allowing only the minimal required communication to and between servers.
Metadata Security
All connections to Octopai are encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS. We maintain DigiCert SHA2 Extended Validation Server CA certification.
System passwords are encrypted using AWS KMS and Azure Key Vault with restricted access to specific production systems.
Octopai customers may configure a data retention duration and customer data is purged from Octopai systems following contract termination.
We use industry-standard SQL Server data storage systems hosted on AWS and Azure.
Application Security
Octopai login requires strong passwords. User passwords are salted, irreversibly hashed, and stored in Octopai’s database.
In addition to Octopai’s extensive testing program, we conduct application penetration testing by a third party at least once per year.
Web application architecture and implementation follow OWASP guidelines.
In addition to Octopai’s extensive testing program, we conduct application penetration testing by a third party at least once per year.
