Here are the main security highlights for Raven Cloud:
- We never sell, trade, rent or license your data, at any time, for any purpose.
- Secure Sockets Layer (SSL) / Transport Layer Security (TLS) are used to protect data in transit between Raven applications and with third parties
- Data and files at rest are automatically encrypted using 256-bit Advanced Encryption Standard (AES) for all storage buckets and databases
- Raven Cloud account owners can grant and limit user access permissions, with 5 user-friendly roles
- OAuth authorization protocol is used when connecting to third party cloud services, providing secure delegated access to send documents to your preferred cloud service. OAuth generates a token and secret for Raven to use to authenticate, without ever sharing user login credentials to the third party service.
- Data centers for document storage include state of the art layered security including electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, and biometrics. Data center floors are protected by laser beam intrusion detection, and are monitored 24/7 by high resolution cameras and AI-detection for intruders.
- Every customer account has their own unique encrypted Raven Cloud document storage container, keeping each customer's documents stored independently of other accounts.
- Logical role-based access controls (RBAC) ensure only a very limited group of Raven reliability engineers can access systems to ensure reliability of service. In addition, access requires multi-factor authentication (MFA), for all systems.
- Management controls ensure internal access is granted only by senior management for resolving service reliability issues. Access logs and permissions are routinely audited and documented.
- Raven undergoes independent verification for security, privacy and compliance controls. Security and privacy are always top of mind, with a continued focus on standards conformance and compliance.
- End to end encryption
- HIPAA compliance