Security & Compliance

Innovate with integrity and confidence

The SnapLogic Intelligent Integration Platform complies with extremely high security and compliance standards,
providing customers with secure data integration.

SnapLogic Enterprise Integration Cloud Architecture
The SnapLogic Intelligent Integration Platform Architecture

SnapLogic’s platform allows users to control access rights. SnapLogic does not collect any personal information on behalf of its customers, does not control such information, and does not monitor the content of pipelines run in the SnapLogic Intelligent Integration Platform.

  • The SnapLogic Intelligent Integration Platform Metadata and log files are hosted on the Amazon Web Service cloud infrastructure.
  • SnapLogic is 100-percent Amazon Web Services-based and inherently leverages AWS’s powerful security and compliance capabilities.

White Paper

Cloud Application Security

Download White Paper

laptop and phone
combination lock

Data Management and Data Encryption

SnapLogic protects sensitive customer data through a combination of access controls and encryption. SnapLogic:

  • Encrypts data at the disk level with the account data stored in a server-side encrypted bucket in the Amazon S3 environment.
  • Does not, by default, persist customer data.
  • Encrypts data fields at the account level and only operates on the customer data using customer-defined pipelines that may perform any necessary data operations.

Runtime Data Security

The SnapLogic Intelligent Integration Platform is a stateless engine, meaning it does not store runtime or business-related data. Only customer metadata is stored in the SnapLogic platform.

  • Pre-built connectors, Snaps, leverage the endpoint security provided by the endpoint it is connected to whether using a secure JDBC connection to a database or invoking a HTTPS-based REST or SOAP API as part of the integration pipeline. If the endpoint supports data encryption, Snaps can also be configured to send and receive encrypted data.
  • Account credentials used to access endpoints from SnapLogic are encrypted using a private key/public key model. The account data when created, is encrypted with the public key in the browser, then stored in encrypted form in the control plane, subsequently decrypted with the private key in the Snaplex, just-in-time for use to connect to the endpoint. With the enhanced Account Encryption option, the Private key is never in SnapLogic’s control, ensuring the customer’s integrity may never be breached even in the event of a compromise on the SnapLogic side.
typing password

Password Security Management

The SnapLogic Intelligent Integration Platform server supports an authentication and privilege model that allows the administrator to grant, limit, or restrict access to components and pipelines.

  • The server applies access rules to all requests and grants or denies access depending on the type of operation attempted by the user.
  • Users who share a particular responsibility can be assigned to groups.
  • SnapLogic supports SSO through Security Assertion Markup Language (SAML) standard or Active Directory.
  • Supported authentication methods include Open AM, OKTA, and Ping.

Security and Compliance Certifications

SnapLogic upholds the highest security and compliance standards and believes that our customers should not compromise data integration with security and governance.

The SnapLogic Intelligent Integration Platform is certified by third parties with:

  • SSAE18 Type II
  • ISAE 3402 Type 2
  • SOC 2 Type II

Platform is compliant with:

  • CCPA (California Consumer Privacy Act)
  • GDPR (EU: General Data Privacy Regulation)
  • European Union-U.S. and Swiss-U.S. Privacy Shield Frameworks

The SnapLogic platform runs on Amazon Web Services (AWS) cloud infrastructure, one of the most powerful and flexible cloud computing environments. We leverage the security and compliance capabilities of AWS, including ISO 9001, ISO 27001, ISO 27017, ISO 27018, SEC Rule 17-a-4(f), DIACAP, FISMA, ITAR, CIS, CJIS, CSA, MPAA, MTCS Tier 3, G-Cloud, and DoD CSM Levels 1-2 and 3-5.

glowing security


While SnapLogic does not store any customer data within the platform, metadata resides in the platform. The metadata is secured inside the protected SnapLogic environment, and only accessed by the SnapLogic Control Plane Services – no access is permitted by any outside service. Additionally, sensitive data, such as account information will be encrypted.

Network and Facilities Infrastructure Security

Network and Facilities Infrastructure Security

The SnapLogic Intelligent Integration Platform supports all application and data integration processes – on-premises, cloud, hybrid, or embedded. SnapLogic consists of a multi-tenant cloud service for creating, managing, and monitoring integrations – data processing can be run in a private cloud and/or behind your firewall.

Communication with Endpoints

Communication with Endpoints

Communication between the SnapLogic Intelligent Integration Cloud, the control plane, and the on-premises processing components is established via SSL encryption on port 443. Communication between the control plane and cloud-based processing components is over HTTPS. The SnapLogic platform communicates with the data plane over HTTPS.

Contact Us Free Trial