This documentation describes the scope of Pulpstream’s data privacy and security policy, including the administrative, technical and physical controls applicable to the services branded as Pulpstream ( “Pulpstream Services”).
Last Updated: February 5, 2020
Pulpstream hosts its servers on Amazon Web Services Infrastructure to host Customer Data submitted to the Pulpstream Services. Each instance of the Pulpstream Services contains many servers and other elements to make it run. Each instance in a primary data center (East coast) has multi-zone fault tolerance and a redundant copy in a secondary data center on the west coast.
The following security and privacy-related audits and certifications are applicable to Pulpstream Services:
Pulpstream’s information security control environment that is applicable to the Pulpstream Services undergoes an independent evaluation in the form of SOC 1 (SSAE 16 / ISAE 3402), SOC 2 and SOC 3 reports. Pulpstream’s most recent SOC 1 (SSAE 16 / ISAE 3402) and SOC 2 reports are available upon request from your organization’s Pulpstream account executive.
Additionally, Pulpstream Services uses third-party software to monitor server security, which includes infrastructure vulnerability assessments and application security assessments.
Pulpstream Services include a variety of configurable security controls that allow customers to tailor the security of the Pulpstream Services for their own use.
The Pulpstream Services operate in accordance with the following procedures to enhance security:
User access log entries will be maintained, containing date, time, User ID, operation performed (created, updated, deleted, login, logout, reset, activate, inactivate, password change), and source IP address. Note that source IP address might not be available if NAT (Network Address Translation) or PAT (Port Address Translation) is used by Customer or its ISP.
User access log entries are available in Account Management.
Logs will be kept for a minimum of 90 days.
Passwords are not logged under any circumstances.
User passwords are stored with a one-way salted hash.
Pulpstream Services come with the capability to configure a password policy. Customers can apply higher levels of policy by changing the company requirements.
Pulpstream personnel will not set a defined password for a user.
Passwords are reset to a random value, which must be changed on first use, and delivered automatically via email to the requesting party.
Pulpstream, or an authorized third party, will monitor the Pulpstream Services for unauthorized intrusions using network-based intrusion detection mechanisms. Pulpstream may analyze data collected by users’ web browsers (e.g., device type, screen resolution, time zone, operating system version, browser type and version, system fonts, installed browser plug-ins, enabled MIME types, etc.) for security purposes, including to detect compromised browsers, to prevent fraudulent authentications, and to ensure that the Pulpstream Services function properly.
All Pulpstream systems used in the provision of the Pulpstream Services log information to their respective system log facility in order to enable security reviews and analysis.
Pulpstream maintains security incident management policies and procedures. Pulpstream promptly notifies impacted customers of actual, reasonably suspected, or unauthorized disclosure of their respective Customer Data by Pulpstream or its agents, of which Pulpstream becomes aware to the extent permitted by law.
Access to Pulpstream Services requires authentication via user ID/password or SAML based Federation as determined and controlled by the customer. Following successful authentication, a random session ID is generated and stored in the user’s browser to preserve and track session state.
Pulpstream supports multi-factor authentication using SMS or Email. Tenants can configure multi factor authentication for each user profile.
Data centers, provided by Amazon Web Service, used to provide the Pulpstream Services have access control systems. These systems permit only authorized personnel to have access to secure areas. These facilities are designed to withstand adverse weather and other reasonably predictable natural conditions, are physically secured by around-the-clock guards, two-factor access screening, including biometrics, and escort-controlled access. They are also supported by on-site back-up generators in the event of a power failure.
All networking components, load balancers, web servers and application servers are configured in a redundant configuration. All Customer Data submitted to the Pulpstream Services is stored on a primary database server with active real time replication for higher availability. All Customer Data submitted to the Pulpstream Services is stored on carrier-class disk storage using redundant devices and multiple data paths to ensure reliability and performance. All Customer Data submitted to the Pulpstream Services, up to the last committed transaction, is automatically replicated on a near real-time basis to the secondary site and is backed up on a nightly basis and stored on backup media for an additional 30 days in production environments after which it is securely overwritten or deleted from the Pulpstream Services.
Pulpstream Services utilize secondary facilities that are geographically remote from their primary data centers, along with required hardware, software, and Internet connectivity, in the event Pulpstream production facilities at the primary data centers were to be rendered unavailable.
The Pulpstream Services’ disaster recovery plans currently have the following target recovery objectives: (a) restoration of the Pulpstream Service within 48 hours after Pulpstream’s declaration of a disaster; and (b) Customer Data will be restored in 24 hours; excluding, however, a disaster or multiple disasters causing the compromise of both data centers at the same time.
The Pulpstream Services do not scan for viruses that could be included in attachments or other Customer Data uploaded into the Pulpstream Services by a customer. Uploaded attachments, however, are not executed in the Pulpstream Services and therefore will not damage or compromise the Pulpstream Services by virtue of containing a virus.
Pulpstream Services use industry-accepted encryption products to protect Customer Data and communications during transmissions between a customer’s network and the Pulpstream Services using HTTPS.
Within 30 days post contract termination, customers may request return of their respective Customer Data submitted to the Pulpstream Services. Pulpstream shall provide such Customer Data via a downloadable file in comma separated value (.csv) format and attachments in their native format.
After contract termination, Customer Data submitted to the Pulpstream Services is retained in inactive status within the Pulpstream Services for 90 days, after which it is securely overwritten or deleted. In accordance with the Reliability and Backup section above, Customer Data submitted to the Pulpstream Services (including Customer Data retained in inactive status) will be stored on backup media for an additional 7 days after it is securely overwritten or deleted from the Pulpstream Services.
Without limiting the ability for customers to request return of their Customer Data submitted to the Pulpstream Services, Pulpstream reserves the right to reduce the number of days it retains such data after contract termination. Pulpstream will update this Pulpstream Security, Privacy, and Architecture Documentation in the event of such a change.
Pulpstream does not track individual user's usage on its service site hosted at us.pulpstream.com.
Pulpstream is committed to achieving and maintaining the trust of our customers. Integral to this mission is following a consistent data privacy and security policy that carefully considers data protection matters for our services, including data submitted by customers when accessing our services (“Customer Data”).