Privacera Platform master publication

Privacera Responsibility

:

The following are the responsibilities of Privacera.

Access, Authentication, and Authorization
  • Support customer use of:

    • Single sign-on (SSO) and Multi-factor Authentication (MFA) via Okta, Azure Active Directory, and others

    • User provisioning via System for Cross-domain Identity Management (SCIM) 2.0

  • Secure metadata derived from sensitive information in customer datasources

    • Secure samples of such information obtained when using Privacera Discovery

  • Secure credentials used to access customer datasources

Secure development
  • Use threat models to inform secure product design

  • Mandate code reviews prior to merging

  • Execute regular static and software composition analysis

  • Uphold Apache Ranger heritage

  • Conduct frequent penetration testing

  • Maintain coordinated vulnerability disclosure (CVD) program to facilitate receipt of information regarding security issues

Information Technology systems
  • Conduct background checks of all employees

  • Require Mobile Device Management (MDM) and deploy Endpoint Detection and Response (EDR) on company-issued devices

  • Mandate Virtual Private Network (VPN) and MFA usage for accessing production systems