Overview
Customer confidence and data security is critical to everything we do at EverSQL.
We are committed to providing our customers with a highly secure and reliable environment and keep the data safe. We have therefore developed a security model that covers all aspects of cloud-based EverSQL systems.
Protecting Data in Transit
EverSQL uses industry standard Transport Layer Security (“TLS”) to create a secure connection using 128bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web application and EverSQL servers. There is no non-TLS option for connecting to EverSQL. All connections are made securely over the https protocol.
Protecting Data at Rest
EverSQL ensures the security and privacy of user information by encrypting sensitive data at rest (such as SQL queries, schema structure definitions) on all servers.
Our systems are designed to ensure data is protected at all times. Specifically, we're using AES-256 to encrypt data at rest. User passwords are hashed and salted with a modern hash function.
System Monitoring, Logging and Alerting
EverSQL monitors servers to retain and analyze a comprehensive view of the security state of its production infrastructure. EverSQL collects and stores production servers logs for analysis.
Network Security
EverSQL uses Cloudflare to prevent Distributed Denial of Service attacks and for Web Application Firewall services.
Access Control
All customer data is considered highly sensitive and protected, and access is restricted. Only authorized and trained members of the EverSQL team have direct access to production systems and user data. Those who do have direct access to data are only permitted to view it in aggregate or for troubleshooting purposes. User data is only viewed by EverSQL employees for troubleshooting purposes when consent has expressly been provided ahead of time by the account owner or team administrator.
Physical Security
Our systems are hosted at Amazon Web Services in the United States. These data centers employ leading physical and environmental security measures, resulting in highly resilient infrastructure. For more information about Amazon AWS security practices, please navigate to the AWS security page
Protecting Users Payment Information
We do not store any payment information. Payments are handled and stored by the trusted payment gateway Paddle.com, which follows all strict industry standards. More information regarding compliance can be found here.
Looking for Data Masking / Data Anonymization?
EverSQL doesn't require credentials into your database and doesn't access your database's raw data. Most of the data that is processed contains tables' structure and SQL Queries. These SQL queries might contain sensitive parameters or values. EverSQL Data Masking feature (also known as data scrambling and data anonymization) helps reduce this concern by irreversibly replacing the original sensitive parameters with fictitious data so that EverSQL can analyze the queries without the sensitive parameters. Accessible through EverSQL's Sensor, EverSQL Data Masking provides an end-to-end secure solution for customers who would like to anonymize their queries' parameters. The EverSQL Data masking is disabled by default and available only for the Enterprise plan.
Looking not to store any data on our servers?
By default, we keep user data (in a secure manner) for both our customers' convenience and for troubleshooting purposes. Said that, customers can decide to disable these capabilities, to make sure none of their data is kept on our servers. To do so, navigate to EverSQL Query Optimizer, click your user name (email address) at the top navigation bar, click Edit Profile and check the box: "Disable queries & schema history". Click Save. In case you already used the application before disabling the history mode, please contact us to make sure past data will be deleted as well.