Trust & Security

Data & Network Security at Preset

Security is very important to us. We exceed the industry standards when it comes to protecting your organization.
Keeping You Safe

Data Security Features

We built our SaaS products with your security concerns in mind.

Secure Cloud Hosting

Preset Cloud runs on AWS with multi-tenant architecture. AWS is SOC2, ISO27001 and HIPAA compliant.

SSO with SAML

Enforce SSO authentication to your company domain(s) with the SAML SSO integration with Preset Cloud. We also support User Provisioning (SCIM) integration to manage team access.

Custom Roles

Create flexible policies that provide fine-grained access control with Role Based Access Controls (RBAC) to everything in Preset Cloud.

Encryption for Data in Transit

We secure all data in transit with Transport Layer Security (TLS) 1.2 or higher. Only secure cipher suites are enabled and they are reevaluated on a periodic basis.

Encryption for Data at Rest

Preset encrypts all of your data and metadata at rest using an industry standard AES-256 encryption algorithm.

Secure SDLC

Preset integrates security into every step of the Software Development Life Cycle (SDLC). Using manual and automated security controls we evaluate every line of code to protect our users from vulnerabilities and exploits.

Vulnerability Management

We actively monitor and remediate vulnerabilities reported from the Apache Superset community. You can report a vulnerability to security@preset.io

Penetration Testing

We participate in independent 3rd-party penetration testing every 3 months.

Intrusion Detection Systems (IDS)

We protect your data with several layers of Intrusion Detection Systems (IDS) that continuously scan for threats like Malware, Ransomware and container exploits.

Workforce Security

Full time employees and contractors participate in background checks and security training. They acknowledge our security policies and sign confidentiality agreements. All access to systems is audited on a quarterly basis.

Endpoint Security

We use MDM on all endpoints and require employees to use a VPN to access our production systems. Strong passwords are enforced, as is Multi Factor Authentication (MFA).

Continuous Compliance Monitoring

We utilize continuous compliance monitoring with Vanta to ensure that Preset Cloud is compliant with our compliance initiatives both inside and outside of the audit window.

Modern Compliance

Compliance Certifications, Standards & Regulations

We obtain industry-accepted certifications and comply with current industry standards and regulations so you can feel confident that your company and customer data remain secure and compliant.
SOC2 Type 2
SOC2 Type 2

Preset is SOC 2 Type 2 Certified. View our Letter of Attestation.

PCI-DSS Level 2
PCI-DSS Level 2
Preset is PCI-DSS Level 2 Compliant.
FAQ

Frequently Asked Questions

Cloud Security
  • Preset’s SaaS solution runs on AWS.
  • You can choose among four different deployment regions to have Preset deployment close to your data sources and to be compliant with local regulations. The current options include:

    • US East 1 - Virginia, US
    • US West 2 - Oregon, US
    • Asia Pacific 1 - Tokyo, Japan
    • EU North 1 - Stockholm, Sweden

    If you wish for a more specific region, Preset’s Managed Private Cloud can be deployed in any AWS region outside of Mainland China.

  • Preset workspaces are isolated by Role Based Access Controls (RBAC) that your organization’s admin users specify. We have a unique application key for each workspace, which is used to ensure that traffic to the workspaces is isolated.
Auditing
  • We have multiple layers of monitoring, including at the cloud, network, and application levels.
  • Preset offers usage metrics to see which dashboards, charts, and other assets are being utilized by your team over time. Audit logs for all queries coming from Preset can also be added so you have granular views into which users initiated each individual query coming from your Preset workspaces.
Data Privacy & Security
  • Preset requires access to the databases that your organization wants to analyze within our analytics platform.
  • Preset uses Auth0 as our IDP. If SSO support is needed, we would need to set up SCIM.
  • Preset uses RBAC to manage user access and permissions. Your organization can use row-level security to set up fine-grained permissions for data access.
  • Preset supports the implementation of Security Assertion Markup Language (SAML) Single Sign On (SSO) integration, enabling companies to leverage their existing identity management system, and allowing employees to sign in to Preset using their Identity Provider account. Supported identity providers include Azure, Google, and Okta. Read more here.
  • Database credentials are stored in a region-specific relational database service encrypted at rest. All traffic to the database is encrypted in transit. In the relational database service, each workspace has an associated database, which stores your organization’s database credentials and is accessed by unique credentials.
  • On top of our database connections that are secured with Transport Layer Security (TLS) 1.2, Preset offers the following mechanisms for securing connections to your data sources:

  • The results data is stored in a cache (AWS Elasticache for Redis), where the keys are prefixed by their respective workspace for isolation. In addition, the cache data is encrypted with an AES-128 workspace-specific key. By default, the cached data is stored for 24 hours; however, users can set custom timeouts as defined here.
  • You can detach any database connected to Preset Cloud and delete all datasets and queries. In addition, you can send a request to support@preset.io for account and user deletions.
Others
  • Preset tracks many metrics including uptime, MTTR, application error rates, release bugs, and many more.
  • An up-to-date list of sub-processors that Preset works with may be found here.
Take an advantage of our robust security features

Start using Preset for free

Create an account