Security at AnswerRocket
AnswerRocket is committed to ensuring the security and privacy of our customers’ data.
AnswerRocket Security Program
Security is essential for the data of any enterprise, and AnswerRocket was built from the ground up with that simple fact in mind. AnswerRocket is designed to help you maintain security of your data while putting it to work for your business.
Data Security
Data is encrypted in transit via HTTPS. Data is encrypted at rest at the data storage layer. Data encryption at rest in the AnswerRocket cloud is controlled by AnswerRocket at the request of the customer. Data encryption at rest outside the AnswerRocket cloud is controlled directly by the customer.
Data Access
Administrators can customize data permissions and set row-, column-, and table-level security to ensure that access to sensitive data is carefully controlled and governed. Admins can also define entitlements guiding access rights at the user-, role-, and group-level. In this way, data access can be controlled as needed across individuals, job roles, departments, geographies, and so on.
The data access rights defined by administrators are applied to the reports and analytic views created by users. So even though users may share generated analysis with other users as they see fit, the data access rights are automatically applied, rendering any sensitive data unviewable to those lacking the necessary permissions.
Authentication
AnswerRocket is only available with secure authentication of the requesting party, whether that is a person interacting with a system or an administrator configuring an automated export. Policy-strength passwords are secured both in transit and at rest. All activities are tracked against the authenticating party and validated for their allowed actions and data scope.
AnswerRocket supports real-time authentication via LDAP or SAML. AD is a supported identity provider. In addition, AnswerRocket has its own user management system for customers that don’t wish to integrate using these protocols.
Audit Logging
AnswerRocket has full audit trail support for user and administrator security-related actions. This includes login success/failure, creating users, changing passwords, and other sensitive functions. The log is only viewable to administrators. No edit functionality is provided to users or administrators.
Usage Monitoring
For tracking user access, we track every question with its date and timestamp. This information can be exported; exports are logged by the application. We also have pre-built reports and dashboards about usage.
Infrastructure Security
The AnswerRocket platform is hosted on Amazon Web Services. We leverage AWS security products embedded within the AWS ecosystem including KMS, GuardDuty, and Inspector.