Security & Compliance
Innovate with integrity and confidence
The SnapLogic Enterprise Integration Cloud complies with extremely high security and compliance standards, providing customers with secure data integration.
Cloud Application Security
SnapLogic’s platform allows users to control access rights. SnapLogic does not collect any personal information on behalf of its customers, does not control such information, and does not monitor the content of pipelines run in the SnapLogic Enterprise Integration Cloud.
- The SnapLogic Enterprise Integration Cloud Metadata and log files are hosted on the Amazon Web Service cloud infrastructure.
- SnapLogic is 100-percent Amazon Web Services-based and inherently leverages AWS’s powerful security and compliance capabilities.
Data Management and Data Encryption
SnapLogic protects sensitive customer data through a combination of access controls and encryption. SnapLogic:
- Encrypts data at the disk level with the account data stored in a server-side encrypted bucket in the Amazon S3 environment.
- Does not, by default, persist customer data.
- Encrypts data fields at the account level and only operates on the customer data using customer-defined pipelines that may perform any necessary data operations.
Runtime Data Security
The SnapLogic Enterprise Integration Cloud is a stateless engine, meaning it does not store runtime or business-related data. Only customer metadata is stored in the SnapLogic platform.
- Pre-built connectors, Snaps, leverage the endpoint security provided by the endpoint it is connected to whether using a secure JDBC connection to a database or invoking a HTTPS-based REST or SOAP API as part of the integration pipeline. If the endpoint supports data encryption, Snaps can also be configured to send and receive encrypted data.
- Account credentials used to access endpoints from SnapLogic can also be encrypted using a private key/public model. The data is encrypted with a public key before it leaves the browser, then is decrypted with a private key on the control plane.
Password Security Management
The SnapLogic Enterprise Integration Cloud server supports an authentication and privilege model that allows the administrator to grant, limit, or restrict access to components and pipelines.
- The server applies access rules to all requests and grants or denies access depending on the type of operation attempted by the user.
- Users who share a particular responsibility can be assigned to groups.
- SnapLogic supports SSO through Security Assertion Markup Language (SAML) standard or Active Directory.
- Supported authentication methods include Open AM, OKTA, and Ping.
Security and Compliance Certifications
SnapLogic upholds the highest security and compliance standards and believes that our customers should not compromise data integration with security and governance.
SnapLogic is certified in the following:
- SSAE18 Type II
- ISAE 3402 Type 2
- EU-US Privacy Shield
- SOC 2 Type II
- PCI (pending)
- TRUSTe Certified Privacy
- GDPR (pending)
The SnapLogic platform runs 100 percent on Amazon Web Services (AWS) cloud infrastructure, one of the most powerful and flexible cloud computing environments. We inherently leverage the security and compliance capabilities of AWS, including ISO 9001, ISO 27001, ISO 27017, ISO 27018, SEC Rule 17-a-4(f), DIACAP, FISMA, ITAR, CIS, CJIS, CSA, MPAA, MTCS Tier 3, G-Cloud, and DoD CSM Levels 1-2 and 3-5.
While SnapLogic does not store any customer data within the platform, metadata resides in the platform. The metadata is secured inside the protected SnapLogic environment, and only accessed by the SnapLogic Control Plane Services – no access is permitted by any outside service. Additionally, sensitive data, such as account information will be encrypted.
Network and Facilities Infrastructure Security
The SnapLogic Enterprise Integration Cloud supports all application and data integration processes – on-premises, cloud, hybrid, or embedded. SnapLogic consists of a multi-tenant cloud service for creating, managing, and monitoring integrations – data processing can be run in a private cloud and/or behind your firewall.
Communication with Endpoints
Communication between the SnapLogic Integration Cloud, the control plane, and the on-premises processing components is established via SSL encryption on port 443. Communication between the control plane and cloud-based processing components is over HTTPS. The SnapLogic platform communicates with the data plane over HTTPS.