EverSQL Security

Overview

Customer confidence and data security are critical to everything we do at EverSQL.
We are committed to providing our customers with a highly secure and reliable environment and to keeping their data safe. We have therefore developed a security model that covers all aspects of cloud-based EverSQL systems.

Protecting Data in Transit

EverSQL uses industry-standard Transport Layer Security (“TLS”) to create a secure connection using 128-bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web application and EverSQL servers. There is no non-TLS option for connecting to EverSQL. All connections are made securely over the HTTPS protocol.

Protecting Data at Rest

EverSQL ensures the security and privacy of user information by encrypting sensitive data at rest (such as SQL queries and schema structure definitions) on all servers.
Our systems are designed to ensure data is protected at all times. Specifically, we use AES-256 to encrypt data at rest. User passwords are hashed and salted with a modern hash function.

System Monitoring, Logging and Alerting

EverSQL monitors servers to retain and analyze a comprehensive view of the security state of its production infrastructure. EverSQL collects and stores production server logs for analysis.

Network Security

EverSQL uses Cloudflare to prevent Distributed Denial of Service attacks and for Web Application Firewall services.

Access Control

All customer data is considered highly sensitive and protected, and access is restricted. Only authorized and trained members of the EverSQL team have direct access to production systems and user data. Those who do have direct access to data are only permitted to view it in aggregate or for troubleshooting purposes. User data is only viewed by EverSQL employees for troubleshooting purposes when consent has expressly been provided ahead of time by the account owner or team administrator.

Third Party Access

No third parties are allowed to access users' data.

Physical Security

Our servers are hosted in Linode's data centers. Linode has implemented extensive physical, environmental and network security capabilities:

  • Access to the data center floor is restricted to data center employees and authorized visitors.
  • Data centers are staffed 24/7/365 with security guards and technicians.
  • All employees and visitors are identified using biometrics and state-issued IDs before entering the facility.
  • HVAC and power have redundant systems, so if one goes out, the others keep our systems powered and within operating temperature.
  • All of Linode's systems are segregated from other tenants by locking cabinets. Only data center staff assigned to supporting Linode systems have access to the keys.
  • Multiple Internet carriers use independent fiber connections to the data center floor.
  • The networks within the data centers have redundant routers, switches and service providers. Multiple systems can fail without causing downtime or affecting performance.

You can read more about Linode's security here.

Protecting Users' Payment Information

We do not store any payment information. Payments are handled and stored by the trusted payment gateway Paddle.com, which follows all strict industry standards. More information regarding compliance can be found here.

Looking not to store any data on our servers?

By default, we keep user data (in a secure manner) for both our customers' convenience and for troubleshooting purposes. That said, customers can disable these capabilities to make sure none of their data is kept on our servers. To do so, navigate to EverSQL Query Optimizer, click your user name (email address) in the top navigation bar, click Edit Profile and check the box: "Disable queries & schema history". Click Save. If you used the application before disabling the history mode, please contact us to make sure past data is deleted as well.