Security & Performance
Security you can depend on.
Since day one, Crelate has been performance and security- focused at every level. Every Crelate team member has been through security training and background checks. Our product team holds us accountable through stringent code reviews, performance testing, and vulnerability scans. We do this so you can breathe easy.
- Built on Microsoft Azure
- Multi-tenant Environment
- 100% Encrypted at Rest
- Geo-redundant Backups
Our platform security and stability
Crelate follows industry best practices and is hosted in Microsoft’s Azure cloud-computing environment which is SOC 1 and SOC 2 compliant. We are a long time Microsoft Partner and our engineering team has been working with the Azure platform from its inception – one of the most trust cloud providers around.
Azure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, and SOC 1 and SOC 2. A complete and up-to-date list of certifications can be found on Microsoft Azure’s Compliance Page.
Architecture
Crelate has implemented multi-tenancy in layers and exceeds industry best practices at each tier of our application to ensure data is never co-mingled. Preventing unauthorized access to customer data is a top priority for Crelate. To help reach this goal, we have taken an “encrypt everything“ approach whenever possible and wherever customer data being handled.
Encryption
- All production servers are configured to have their underlying storage protected by Microsoft Azure Encryption at Rest services.
- All backups are encrypted directly from the SQL server using AES-256 encryption.
- 100% Encrypted at Rest
Segmentation
- All data within our Microsoft SQL Server database is segregated based on a unique tenant ID.
- Our search and reporting solutions are built on Elastic Search. Customer data files such as attachments, resumes, etc. are stored in a Microsoft Azure Storage Blob.
- Each customer is provisioned a unique Storage Container.