Seek Security

Overview

We at Seek understand the importance of your data and are committed to securing our systems and your data end-to-end.  Thus, we have built Seek Apps from the ground up with a “security-first” design philosophy.

Data Protection In Transit

All customer data is securely transferred to our application using TLS v1.2 and above.  Only authorized personnel and customers are permitted to connect to our applications, and all connections to the application are monitored and logged.

Data Protection in Storage

All data stored in our applications is encrypted using AES-256.  Our IT infrastructure is 100% based in the cloud, and thus is resilient to physical attack.

Data Protection In Use

All data shared with our applications remains under our customers’ sole control via their Snowflake instance. Access to our development and operating environments is strictly controlled, and only those Seek personnel who have been carefully screened are permitted access.

Verified Security

Our security processes and controls are audited and verified annually against SOC 2 security standards. This includes enforcing two-factor authentication, real-time vulnerability and malware scanning, logging all administrator actions, employing a rigorous incident management process to investigate potential security events and facilitate required notifications promptly, and following repeatable processes to ensure a secure environment.

Shared Security Responsibility Model

To deliver our service in the most secure manner possible, Seek operates under a shared security responsibility model.  The shared security responsibility model is a framework to identify the distinct security responsibilities of both the customer and the cloud provider. In this model:

  • Seek is responsible for the security “of the cloud”, i.e., the underlying App infrastructure

  • You are responsible for the security “in the cloud”, e.g., configuring your account in a manner that is consistent with your company's information security requirements, and managing and protecting your credentials for your account

Seek Security Controls

As a cloud provider, Seek is responsible for the security “of” Seek's underlying infrastructure.  Some of the security controls we use to secure our infrastructure include:

  • Data Protection

  • Software Development Security

  • External audits and Penetration Tests

  • Customer Privacy

Software Development Security

We at Seek follow “best-in-practice” software development strategies.  This includes deploying fully segregated development, testing, and production environments; and only permitting authorized employees access to each applicable environment.  We also employ peer code review processes and code scanning technologies to ensure that our code is vulnerability-free.

External audits and Penetration Tests

Our security processes and controls are audited and verified annually against SOC 2 security standards. This includes enforcing two-factor authentication, real-time vulnerability and malware scanning, logging all administrator actions, employing a rigorous incident management process to investigate potential security events and facilitate required notifications promptly, and following repeatable processes to ensure a secure environment. We also undergo annual penetration tests of both the Insight Cloud service and the underlying infrastructure.

Customer Privacy

Seek retains minimal information about our customers, and what little information we do collect (e.g., company name and point of contact) is never sold to third parties.  All payment information is processed by our third-party payment processor (Stripe) and is not stored by Seek.

Authentication: Single Sign-On (SSO)

Insight Cloud uses an industry-standard third-party authentication platform called Auth0. Auth0 is a cloud-based identity platform that provides authentication and authorization services for web, mobile, and legacy applications.

Auth0 supports various identity providers, including social media platforms (such as Google, Facebook, and Twitter), enterprise identity systems (such as Active Directory and LDAP), and custom databases.

Key features of Auth0 include:

  1. Authentication and Authorization: Auth0 handles user authentication and authorization, allowing developers to implement secure access controls and user management in their applications.

  2. Single Sign-On (SSO): Auth0 enables users to log in once and access multiple applications without having to log in again, providing a seamless and user-friendly experience.

  3. Social Identity Providers: Developers can integrate social media login options, allowing users to sign in using their existing accounts on platforms like Google, Facebook, and others.

  4. Customization and Branding: Auth0 provides customization options for the login page and user interfaces, allowing developers to maintain a consistent brand experience.

  5. Multi-factor Authentication (MFA): Auth0 supports multi-factor authentication to enhance security by requiring additional verification steps beyond a username and password.

  6. User Management: Developers can manage user identities, including user registration, password resets, and profile management, through the Auth0 platform.

  7. Security Features: Auth0 incorporates security best practices, including encryption, threat detection, and anomaly detection, to help protect against common security threats.

  8. Extensibility: Auth0 offers extensibility through custom rules and hooks, allowing developers to add custom logic during the authentication and authorization process.