Security

Visibility. Trust. Redundancy.

 

Ryvit understands that for you to realize the benefits of a cloud hosted integration service, you must be willing to entrust your iPaaS provider with one of your most valuable assets— data. If you invest in a cloud service, you must be able to trust that data is safe, that the privacy of your data is protected, and that the data owner retain control over their data—that it will only be used in a way that is consistent with expectations.

Click below to learn more about how Ryvit takes data security seriously:

After a careful selection process, Ryvit has leveraged Microsoft’s Azure environment and their decades-long experience building enterprise software and running some of the world’s largest online services to create a robust set of security technologies and practices. These help ensure that the Ryvit infrastructure is resilient to attack, safeguards user access to the Ryvit environment, and helps keep customer data secure through encrypted communications as well as threat management and mitigation practices, including regular penetration testing.

Encrypting communications and operation processes. For data in transit, Ryvit uses industry-standard transport protocols between user devices and Microsoft datacenters, and within datacenters themselves. For data at rest, Ryvit offers a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.

Managing threats. To protect against online threats, Ryvituses Microsoft Antimalware for cloud services and virtual machines. Ryvit also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics and machine learning tools to help mitigate threats to the Ryvit platform.

We strive to be transparent in our privacy practices, offer you meaningful privacy choices, and responsibly manage the data we store and process.

You own your own data. With Ryvit, you have ownership of your data. We will not use customer data or derive information from it for advertising or data mining.

How we respond to government and law enforcement requests to access data. When a government wants customer data—including for national security purposes—it must follow the applicable legal process, serving us with a court order for content or a subpoena for account information. If compelled to disclose customer data, Ryvit will promptly notify you and provide a copy of the demand, unless legally prohibited from doing so. We do not provide any government with direct or unfettered access to customer data except as you direct or where required by law.

Ryvit is built on the premise that for you to control your own data in the cloud, you require visibility into that data. You must know where it is stored. You must also know, through clearly stated and readily available policies and procedures, how we help secure your customer data, who can access it, and under what circumstances.

Ryvit’s hosted infrastructure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards like Australia IRAP, UK G-Cloud, and Singapore MTCS.

As part of our commitment to transparency, you can verify our implementation of many security controls by requesting audit results from the certifying third parties.

When Ryvit verifies that our services meet compliance standards and demonstrates how we achieve compliance, that makes it easier for customers to secure compliance for the infrastructure and applications they run on our hosted infrastructure.

Ryvit is by default configured with GRS, which in effect maintains three copies of the same content locally for high availability, and replicates the content to a secondary datacenter at least 400 miles away and maintains three copies there for DR. So all are six copies of your data, three locally and three remotely.