Data Security

All sensitive information in Botmetric is encrypted with a unique key and hash for each customer. We don’t log or transmit any sensitive information that you share with us. We also ensure important customer data is isolated at various levels in our systems.

 

Customer data access policy on Botmetric Platform

The production environment’s infrastructure is completely independent of the staging and development environments. Developers have zero access to the production environment. A limited number of admins have access to the infrastructure. The internal team requests access to limited customer data from the admin team, and only to support customer requests.

 

The only two ways customer data can be accessed:

  1. Botmetric Platform – A username and password are required to log in. Passwords are encrypted with a customer-specific salt.
  2. AWS APIs – The role ARN shared with Botmetric only provides access to Botmetric’s AWS Production account, access to which is limited. The ARNs are also encrypted at rest.

Data purge policy after subscription is terminated

After a subscription is terminated, all user accounts and automation jobs are disabled. Data is kept for 60 days in case the customer decides to renew their subscription. After 60 days, all customer data is purged permanently.

 

Customer data isolation on a multi-tenant platform

Data isolation is ensured not only at the application layer but also at the data storage layer.

Access control & MFA

Botmetric uses Identity and Access Management (IAM) roles to connect with your cloud account. Rest assured, only our application can access your cloud APIs, using temporary access keys for each session. We ensure that all our communication with your cloud account is secured. Botmetric provides access controls for authentication and authorization to manage your account.
Botmetric provides Multi-Factor Authentication (MFA) to improve access security by making users enter a unique authentication code from their authentication device along with their username and password.

Botmetric audit trail

We have an activity history log in place that tracks important changes related to your users and cloud accounts within your Botmetric account.

Infrastructure & Network Security

Our servers are hosted in a Virtual Private Cloud with strong access controls for network and application level security. We protect our application using state-of-the-art web application firewall services. Our backend services, such as databases and logs, are isolated into separate private networks for enhanced protection.
Botmetric ensures any data sent to or from our system is transmitted securely using SSL and HTTPS. This ensures your data is secure over the network, and we don’t allow non-encrypted communication. You don’t need to open any custom ports to use Botmetric from your network or cloud. Our agent is secured with authentication, authorization and tampering protection.

Botmetric uses the safest method, a cross-account role, to access your AWS account. We only take the minimum required permissions. We do not need the access key and secret key of your AWS account.

Botmetric requires you to generate an ARN for third-party access to your account for its three components – Cloud Insight, Cost Analytics, Cloud Automation. The three components are independent of each other and can be accessed independently by granting the corresponding permission.

Permission for cloud insights

For Cloud Insight you only need to grant Botmetric a limited read-only permission on your AWS account. This permission strictly limits Botmetric from accessing or modifying any of your infrastructure resources.

Read Access ARN Policy Document - Insights

Security Policy

Permission for cost analytics

For Cost Analytics you provide Botmetric with a read-only permission that is strictly limited to your S3 billing bucket and can’t access any of the other services. For example, Botmetric cannot read S3 buckets beyond your billing data.

Read Access ARN Policy Document - Analytics


Permission for cloud automation

For Cloud Automation and the Click to Fix feature, Botmetric will require specific write access permissions for your AWS account.
For this policy you can choose to eliminate certain access points if you wish, but that may result in incomplete feature access.

Read Access ARN Policy Document - Analytics
