People Data Labs is governed by its internal Physical and Information Security Policies, a set of policies and procedures designed to keep People Data Labs data and customer data safe and restricts use of this data to their authorized use. People Data Labs performs its own internal audits at regular intervals to ensure ongoing compliance.
We keep our data union safe by using high-grade encryption and the latest generation anti-malware software. Only authorized software engineers have access to information necessary for them to perform their job duties and when access is no longer needed, we make sure to remove it.
Data Encryption Prevention
In order to prevent unauthorized access, People Data Labs has many ways to ensure our data is secure. To ensure security of our platform, People Data Labs continues to follow a continuous monitoring program. We follow this program through the development of proactive and detective capabilities. People Data Labs has an Incident Response Policy that assesses the threat of security incidents and establishes a way to mitigate the problem. Even in the event of a breach, we can ensure our data is secure.
Monitoring Data Systems
Our customer data and infrastructure are monitored and secure. People Data Labs leverages AWS and Elastic Cloud data centers for our customer data and production systems. AWS follows industry best practices and follows strict standards for monitoring access to People Data Labs data.
For more information on AWS Data Center Physical Security, see their physical security whitepaper: https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf
Elastic Cloud handles the following security features for us.
- Prevent unauthorized access with password protection, and role-based access control.
- Preserve the integrity of your data with message authentication and SSL/TLS encryption.
Incident Event Management
As stated in our internal Business Continuity and Disaster Recovery Plan:
-People Data Labs conducts penetration tests on external networks quarterly
- AWS is designed to dynamically deploy applications within the cloud, monitor for failures, and recover failed platform components.
- Backup files are stored redundantly across multiple availability zones and are encrypted.
- For major events, we will notify affected people within 24 hours.
People Data Labs data is distributed across two of the AWS availability zones. We currently use the Oregon and Northern California locations. This posture allows for a more stable infrastructure with redundant servers. The platform has built-in mechanisms to detect non-opoperating or operating in a degraded state. It will automatically scale within the alternate zone to ensure that services remain available and responsive.
All code changes and application updates to our data systems are reviewed for security issues before use. People Data Labs separates development, testing, storing, and production environments in different engineering segments.
We follow guidelines proposed by SOC2 about data security for cloud-based service providers. We also follow both the EU-U.S. Privacy Shield, and the Swiss-U.S. Privacy Shield best practices under the U.S. Department of Commerce and European Commission Privacy Shield program.
All People Data Labs owned servers have quarterly security updates, and intrusion detection systems monitor for all possible security incidents.