SnapLogic Home Page
See it in Action
Platform Overview
SnapLogic AI
GenAI BuilderNEW
SnapGPT
Snaps (Pre-Built Integrations)
Data Integration
AutoSync
App Integration
On-Demand iPaaS Demo
API Management
On-Demand APIM Demo
Use Case Overview

By Industry

Manufacturing
Retail
Financial Services
Higher Education

By Function

Human Resources
IT
Sales
Marketing
Finance

By Popular Workflow

Employee Onboarding
Quote-to-Cash
Invoice Processing

By Solution

Generative Integration
Enterprise Automation
Cloud Data Warehouse
Modernization
Informatica Replacement
Partners Overview
OEM/Embedded
Become a Partner
Login to Partner Connect
Register for Partner Access
Customers Overview
Our Community
MVP Program
SnapLogic Academy
Customers Awards
Resource Library
Blogs
Podcasts
eBooks
Events & Webinars
Getting Help
Support Desk
Documentation
Training Workshops
Professional Services
About Us
CareersWe’re Hiring
Newsroom
Press Releases
Contact Us
Book a Demo
Login
See it in Action
Platform Overview

All-in-one data and application integration platform.

SnapLogic AI
GenAI Builder
SnapGPT
Snaps (Pre-Built Integrations)
Data Integration

Mobilize data to the cloud with visual ETL/ELT and reverse ETL.

Application Integration

Connect every application with our no-code/low-code iPaaS solutions.

API Management

Efficiently create, manage, and secure all your APIs at scale.

AutoSync
What is Data Integration?
On-Demand iPaaS Demo
What is iPaaS?
On-Demand APIM Demo
What is APIM?
Try Now!
Free Trial

Experience the leading self-service integration platform for yourself.

GenAI Builder
GenAI BuilderNEW

Create LLM-powered applications and automations in minutes.

Use Case Overview

Bring automation to every part of your organization.

By Industry

Manufacturing
Retail
Financial Services
Higher Education

By Function

Human Resources
IT
Sales
Marketing
Finance

By Popular Workflow

Employee Onboarding
Quote-to-Cash
Invoice Processing

By Solution

OEM/Embedded
Generative Integration
Enterprise Automation
Cloud Data Warehouse
Modernization
Informatica Replacement
Partners Overview

Drive profitability and growth through joint sales and marketing strategies.

OEM/Embedded

Partnerships for ISV, MSP, OEM, and Embedded providers.

Become a Partner

Gain access to a world-class partner ecosystem.

Login to Partner Connect

Access the SnapLogic Partner Connect Portal.

Register for Partner Access

Get free access to SnapLogic Partner resources.

Explore our Partners

Search for partners in our robust global network.

Customers Overview

Our customers’ accomplishments continue to shape SnapLogic’s success.

Integration Nation

Our community for thought leadership, peer support, customer education, and recognition.

MVP Program

Recognizing individuals for their contributions to the SnapLogic community.

SnapLogic Academy

Enhance your expertise about intelligent integration and enterprise automation.

Customer Awards

Highlighting customers and partners who have transformed their organizations with SnapLogic.

Case Studies

Learn more about how our customers benefit from using SnapLogic.

SnapLogic customer logos
Resource Library

Our home for eBooks, white papers, videos, and more.

Blogs
Podcasts
eBooks
Events & Webinars
Getting Help

SnapLogic is here to support you throughout your entire experience.

Support Desk
Documentation
Training Workshops
Sigma Framework
Evolving the Enterprise Virtual Summit

Watch the sessions on-demand!

Generative AI in the Wild West
Generative AI Survey Report

Insights from 900+ respondents

Home Security Standards

Security Standards

Security

Legal Notices

This SnapLogic Security Standards Summary (“Security Summary”) describes the the administrative, technical, and physical controls applicable to the SnapLogic platform (“Services”).

SnapLogic may update this Security Summary from time to time to document changes in security policies for the Services. SnapLogic will, upon request no more than once per year, certify to its compliance with this Security Summary. All capitalized terms used in this Security Summary are defined in SnapLogic’s Master Subscription Agreement, Data Processing Addendum, and/or the applicable ordering documents or Documentation.

Security Overview

SnapLogic uses reasonable methods designed to protect Customer Data from unauthorized access, use, and loss including physical, technical, and administrative safeguards. Customer Data is logically segregated from that of other customers.

Standards and Certifications

SnapLogic annually receives third party audits for compliance with AICPA SOC 2 Type 2, SSAE18 Type II, ISAE 3402 Type 2 standards, as well as the U.S. Health Insurance Portability and Accountability Act (“HIPAA”), including as amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH”). SnapLogic follows OWASP coding practices for product development. The most recent certifications and/or audit summary letters are available upon Customer’s request under NDA.

Encryption

API and web services managed by SnapLogic use TLS 1.2. HTTPS is used for data transmission and remote access over public networks. RSA or AES encryption are used throughout the product which includes protecting Customer Data, databases, and metadata.
Customer Encryption and Authentication Requirements​. Customer is solely responsible for implementing proper security controls on its endpoint devices, including defining the encryption settings. SnapLogic recommends that Customer executes the following best practices whenever possible:

  1. Customer enabling session connection encryption using the then most current implementation of SSL or TLS for any connection between the Customer Apps and the Services.
  2. Where session connection encryption is not available for a particular Customer App, Customer encrypting the data payload using strong encryption (128-bit encryption or better).
  3. Customer utilizing industry-best practice authentication control for user access to the Services.

Storage

SnapLogic does not persist data. By design any temporary storage used by the product is ephemeral storage and only used while a service is running and does not persist after the service is no longer running. Ephemeral storage is used as a non-billable resource included in the operation of a service. Product ephemeral storage is suited for the temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content during the execution of the application. If the Customer does not configure all of the storage options, the Services will default to SnapLogic’s built in temporary storage.

Authentication

Services are accessible to Customers through authentication protocols, including unique IDs and strong password requirements. Services include optional support for two factor authentication for user access.

Risk Assessment and Penetration Testing

SnapLogic regularly conducts risk assessments, penetration testing, and vulnerability scans. SnapLogic promptly creates a correction plan for any issues that are identified as a result of any vulnerability testing.

Infrastructure Security

The SnapLogic platform operates on Amazon Web Services (AWS) cloud infrastructure. Further information about security provided by AWS is available from the ​AWS Cloud Security​ and the AWS Compliance​ Center. SnapLogic has implemented a patch management process to ensure infrastructure systems are patch in accordance with applicable industry standards. Groundplex Customers are solely responsible for patch management of applications hosted at Customers’ data centers.

Incident Response

SnapLogic maintains a Security Incident Response Plan, which details procedures to be followed in the event of unauthorized access to, use of, disclosure, theft, or manipulation of Customer Data (“Security Breach”). SnapLogic will notify affected Customers of Security Breach within 48 hours from the discovery of the Security Breach. With respect to any Security Breach SnapLogic shall investigate, perform a root cause analysis, and prepare and implement a corrective action plan. Further, SnapLogic shall provide affected Customer(s) with regular updates about the status of the foregoing, copies of any materials prepared in connection with the same, upon Customer’s request, and a written report of any findings when the incident has been resolved.

Business Continuity and Disaster Recovery

SnapLogic maintains a business continuity and disaster recovery program. Policies and procedures are in place to provide Services and Support Services with minimal interruptions, including disaster recovery planning and testing capabilities, recovery site management and standard backup and recovery procedures.

Personnel Security

SnapLogic has established workforce conduct standards, including the following measures:

  • SnapLogic performs background checks on every employee and requires background
    checks from all consultants and contractors who work on customer accounts and/or
    systems;
  • SnapLogic performs annual security and privacy training for all employees;
  • SnapLogic enforces its security and privacy policies throughout the organization.

Need to Report a Security Issue?

If you believe you’ve discovered a vulnerability in SnapLogic’s security, please contact us at [email protected] and we will promptly respond.

Contacting Security Team

All questions regarding SnapLogic’s security standards or this Exhibit should be sent to [email protected] and we will promptly reply.