Sekure Cloud Platform – Security and Privacy

Sekure is the first data driven, people powered data governance solution built for the modern cloud-collaboration platforms such as G Suite, Office 365. Native to the cloud, Sekure automatically classifies data in the cloud, provides visibility on data compliance and rapidly detects data loss, leaks, insider threats, as well as speeds up overall incident response – all without lengthy deployments, complex policy management or blocking employee productivity.  With Sekure, your team can protect sensitive data from accidental or unintentional leaks while fostering an open and collaborative culture for employees.

Our software is designed to request the most limited access to customer resources to achieve a seamless data governance experience. We are continuously mindful of our customer’s privacy and limit access to all customer data on a need to know basis internally.

Sekure applies best security practices retaining a minimal amount of customer data and operating with the fewest privileges necessary to provide a great experience to our users.

This page provides an overview of platform-related privacy, security, and compliance.

Sekure

Sekure – Security Statement:

Security and privacy are important to you and the people you work with. We adhere to two clear security and privacy principles: your data is yours, alone, and we must ensure security and privacy throughout the data governance process for our customers and your contacts. 

– Team Sekure

Worry free cloud connection

G Suite
Sekure
office 365
Zero knowledge
Secure authentication
Zero email access
Sekure never stores personally identifiable information associated with your connected cloud data like employee contact information and addresses. We only use your connected cloud data to read file and user metadata to provide actionable intelligence.
Sekure offers Google and Office365 customers a secure OAuth connection—meaning Sekure never reads or stores your or your employee cloud login credentials or passwords.
Sekure never accesses your email contacts or address book. We also do not read the emails you send and receive associated with your connected email account or calendar.

It’s your data, not ours—and we work hard to keep it secure

Sekure has a dedicated team of security and DevOps engineers to ensure rigorous privacy and security standards are met. Here are the policies, procedures and technologies we use to comply with and/or exceed industry standard requirements.
Data Hosting

Amazon Web Services

Sekure leverages all of the platform’s built-in security, privacy and redundancy features. AWS continually monitors its data centers for risk and undergoes assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under: ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate and Sarbanes-Oxley (SOX).
Google
Sekure’s data classification apps are hosted on customer’s Google Cloud platform. Sekure does not have access to or store customer data. Your data resides within your GCP account.
Encryption
Data that passes through Sekure is encrypted, both in transit and at rest. All connections from the browser to the Sekure platform are encrypted in transit using TLS SHA-256 with RSA Encryption. Sekure requires HTTPS for all services. Sekure uses HSTS to ensure browsers interact with Sekure only over HTTPS and is on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.
Security and Compliance Programs
Background checks
All Sekure employees go through a thorough background check before hire.
Training
While we retain a minimal amount of customer data and limit internal access on a need-to-know basis, all employees are trained on security and data handling to ensure that they uphold our strict commitment to the privacy and security of your data.
Confidentiality
All employees sign a confidentiality agreement before they start at Sekure.
Software Development Lifecycle
Routine audits
Sekure continuously scans the product for service interruptions, performance degradation and security vulnerabilities to immediately alert our engineers and take action when an incident has been detected.
New releases
New releases to the Sekure platform are thoroughly reviewed and tested to ensure high availability and a great customer experience. Changes to our codebase are required to include end-to-end tests. Changes are run against our continuous integration server, which enables us to automatically detect any issues in development.
Quality assurance testing
Once a changeset is completed, it is manually peer reviewed by one or more members of the engineering team. The changeset is then evaluated and manually tested by our quality assurance team to thoroughly test areas of expected impact, regression test and further evaluate the user experience.
Continual monitoring
After a changeset is released, we continue to monitor application exceptions and log exceptions. These exceptions are regularly reviewed and triaged for resolution. Performance impacts of the changeset are monitored through several monitoring services.
Vulnerability Control
Mobile device management (MDM)
We secure our employees’ machines and laptops using robust device management software to ensure that each device follows our information security standards, including encryption.
Malicious software prevention
Our employees’ equipment is defended by anti-malware software, and we run routine phishing tests to further educate and train employees.
Vulnerability scanning
We keep our systems up to date with the latest security patches and continuously monitor for new vulnerabilities through compliance and security mailing lists. This includes automatic scanning of our code repositories for vulnerable dependencies.
Application Security Measures
Login credential protection
For Google Calendar and Office365 calendar connections, Sekure never collects passwords. Using a secure OAuth connection you grant Sekure access to metadata of the files and folders stored in the cloud collaboration platforms. This also enables you to set additional security precautions with that provider including 2-factor authentication (2FA).
Deprovisioning
Since Sekure offers seamless OAuth through Google and Office365, cloud connection is eliminated automatically when your account is canceled.

GDPR committed

We have incorporated GDPR standards into data practices to make sure our customers, whether citizens of the EU or businesses with European customers, feel secure to use Sekure Cloud.