All data in iconik is encrypted both in transit using TLS 1.2+ and at rest using AES-256 encryption.
Iconik forces usage of HTTPS, HTTP2 or WSS, and only uses TLS or QUIC.
Iconik complies with the latest General Data Protection Regulation (GDPR).
The iconik Storage Gateway can be firewalled so that no incoming connection can be established with on-premise storage.
Machine Intelligence proactively supports monitoring and responding to intrusion attempts.
Production environments are internally restricted to a handful of engineers and separated from testing and other environments.
Iconik logs all API calls and operations in iconik to be audited in a secure logging environment.
All passwords in iconik are hashed and salted, making them nearly impossible to decode.
Regular backups and penetration testing are an important part of our standard operation policy.
You can breathe easy knowing that unauthorized people cannot penetrate iconik’s system. Multiple external cyber security experts have tested iconik and ruled that our security is state-of-the-art and effective.
These external auditors with certifications in CISSP, OSCP, CEH, PCIP, ISO, CISA, CISM, used methodologies and standards like NIST SP800-115, PTES, OWASP and Offensive Security to evaluate and confirm iconik’s security.
Iconik operates it's network on Amazon AWS and Google Cloud, global cloud leaders who provide leading edge security. This provides iconik with Denial of Service Protection, and best in class operational and physical security.
We use Google Clouds Best Practices which include; Identity & access management, Multifactor authentication, Automated Security Scanning, Application Firewalls and Intrusion Detection, and Denial of Service Attack Mitigation.
By using iconik’s metadata management, the information around your content will always be helpful—never harmful. You can build custom metadata views to only present relevant data for each user.