Data Security
Row Zero is designed with security at its core. Our development process applies industry best practices like threat modeling, pen testing, code reviews, Principle of Least Privilege, Assume Compromise, Defense in Depth, and Pyramid of Pain. Secrets are short-lived. No engineer has API access to Prod. We patch regularly. We carefully consider our open source dependencies.
Row Zero is SOC2 Type II and HIPAA compliant. Upon request, Row Zero will provide the latest SOC2 report or sign a Business Associates Agreement for business and enterprise tiers. Outside of those compliance frameworks, additional information about Row Zero's security practices can be found below.
Case Study: Workbook Process Security Posture
It's easy to spout security buzzwords… which we just did. To give you a better sense of how we think about security in practice, next we review our security posture for customer data in an active workbook process:
For many apps, the goal of the attacker is to achieve arbitrary code execution. Row Zero workbooks allow users to run arbitrary Python code in every workbook, so our workbook process is already owned! In the face of malicious user code, we must keep data secure. To achieve that, we apply Defense in Depth.
Defense in Depth means that you assume that you screwed up a risk mitigation and that, in spite of the screw up, customer data is still secure. Here's what that looks like for workbooks:
- Account isolation: Workbooks execute in a different AWS account than the one that durably stores customer data and secrets. This makes it impossible to accidentally expose a database with sensitive data to a row zero user running malicious code in a workbook.
- Process isolation: Workbooks execute in a virtual machine. We don't use Docker or other containers because Docker is not a security boundary.
- Network isolation: Firewall rules ensure that only authorized packets may reach a workbook.
- In-process auth: Even if a malicious packet were to reach a workbook, every workbook process has ephemeral keys so that it can reject invalid requests.
CultureRow Zero's development process is guided by our Engineering Tenets, which help us make tradeoffs during feature development. In priority order, our goal is to deliver a service that is:
Secure - Never leak data
Durable - Never lose data
Available - Never go down
Fast - Never be slow
Affordable - Our customers care about price, so we care about the cost to operate the service.
Security comes first. In practice this means our engineers will never ship a feature that (e.g.) makes the app faster or cheaper to operate at the expense of security.
DependenciesRow Zero is built on AWS. Data is persisted in S3 and DynamoDB and encrypted natively. TLS certificates are managed by AWS Certificate Manager (ACM).
We use Auth0 by Okta for user authentication. This means Auth0 is responsible for storing your salted password hash - it's not anywhere in our system.
Outside supportWe employ outside security consultants to review policies, procedures, and systems for any potential exposure. Penetration testing is performed by outside consultants annually and after any major feature update. Auditors are also used to assess overall compliance with SOC2 requirements on an annual basis.
Customer ControlRow Zero gives customers control of their data which can be valuable when managing privacy considerations, permissions, and contractual obligations.
- Data Deletion - All data associated with a Row Zero account can be deleted upon account closure and customer request.
- User Roles - Row Zero enables users to assign roles to every user of their workbook or organization, limiting what data can be accessed or actions permitted in each workbook.
- Data Access - Row Zero limits credential sharing to restrict access to databases and data lakes. Access to established data repository connections can be shared through workbooks while credentials remain tied to a user.
What data does Row Zero store?For customers using Row Zero's hosted solution, data loaded into a Row Zero workbook is stored within the Row Zero VPC. For customers using the on-prem enterprise product, all-data remains within their own network.
Data use- Row Zero does not use customer data for any purposes.
- Row Zero uses aggregate statistics on usage and performance to improve the product and services.
EncryptionRow Zero is fully encrypted in transit on both public and private networks (RSA 2048). Data at-rest is stored in AWS S3 and Dynamo and encrypted natively.
SupportWe are committed to providing industry leading security to all customers. For any questions regarding our security practices or requests for additional certifications, please send an email to
or
contact us.