Security and Compliance
Konstellation is a software-as-a-service (SaaS) platform with options to extend certain components into the customer’s environment to meet security and compliance needs. Konstellation is capable of adhering to strict privacy and security standards.
Compliance
Konstellation is working towards SOC 2 compliance, and our trust center can be accessed here.
Through this, we adhere to industry-leading security standards to ensure the highest level of data protection and compliance. We are committed to maintaining SOC 2 Type 2 compliance, which demonstrates our dedication to security, availability, processing integrity, confidentiality, and privacy.
Our Commitment to Security:
- Annual Audits: We undergo rigorous annual audits by an independent third-party auditor to maintain our SOC 2 Type 2 compliance.
- Penetration Testing: To ensure the robustness of our platform, we conduct regular penetration tests performed by an independent security firm. Reports are available upon request.
- Secure Development Practices: Our development processes are designed with security at the forefront. We enforce strict measures including mandatory multi-factor authentication (MFA) for access, encryption at rest (AES-256) and in transit (TLS v1.2 or higher), and comprehensive security reviews as part of our CI/CD pipeline.
- Employee Training: All Konstellation employees undergo mandatory, annual security training to stay updated on the latest security practices and threats.
- Infrastructure Security: Our cloud infrastructure is hosted on [Cloud Provider Name], with all security best practices implemented, including firewalls, intrusion detection, and vulnerability management.
By following these stringent practices, Konstellation ensures that your data is secure and compliant with SOC 2 standards. Our commitment to security means you can trust us to protect your most critical assets.
Security
Konstellation extracts only metadata, query logs, and aggregated statistics into its Cloud Hub for monitoring and anomaly detection. Our platform is designed to ensure that no individual records or personally identifiable information (PII) leave your environment, and it never stores raw data from your data sources.
Access needed by Konstellation
Konstellation operates with read-only access via APIs and/or dedicated service accounts, allowing you to set granular permissions for the datasets you choose. Our system is restricted from modifying your data. Credentials to your data sources are stored securely on Konstellation servers hosted in AWS, encrypted at rest, and inaccessible to Konstellation engineers.
Create a dedicated service account with read-only access to the tables and schemas you want Konstellation to observe.
Architecture Components
- Cloud Hub: Konstellation operates a Cloud Hub that supports the user interface, data monitoring system, reliability dashboards, and notification routing.
- Data Store: A data store for data from the customer environment is required to perform anomaly detection, execute our ML workloads, and run the Konstellation application.
- Integration Service: An Integration Service acts as a bridge between Konstellation’s Cloud Hub and customer resources.