Security Compliance

Infrastructure security

All DeltaStream services are hosted on Amazon Web Services (AWS), which employs a robust security program with multiple certifications. For more information on our cloud provider’s security processes, please visit AWS Security.

Internal security procedures

Multi-factor authentication (MFA) is used for all internal systems and infrastructure access. The DeltaStream Platform is developed to conform fully with NIST guidelines. Services use roles specific to their function. All employees follow SOC2-compliant security policies.

Organizational security

The DeltaStream platform infrastructure implements access control based on the “principle of least privilege,” where users are granted only the level of access required to perform their job functions. Role-Based Access Control (RBAC) is used to assign and maintain consistent access controls and access rights. DeltaStream has strict policies for network access and security. Only approved employees and third parties can access production networks and confidential data, and all access to infrastructure resources is audited.

Product security

Customer data, including PII and PHI, is stored on the AWS cloud and with our OAuth provider (Auth0) using the latest encryption standards. Services used internally by the platform include AWS RDS, S3, MSK and/or Kinesis; these are configured using the security best practices recommended by AWS. Additionally, customer-provided credentials and secrets are stored using HashiCorp Vault with DynamoDB (using encryption at rest) as the backend. All backup artifacts for disaster recovery are further encrypted using multi-region KMS keys.