Frequently Asked Questions
We understand that sharing confidential information raises security concerns. This document explains the why, how, where, and who behind the data we collect, so you can be assured in using Access360. If you have any further questions, our team is ready to answer them one-on-one!
What data is Access360 accessing?
Access360 analyzes your SSO configuration and event logs. Applications, Policies, Identities, Authenticators, Delegate Identity Providers.
What is Access360 doing with my data?
Access360 analyzes your SSO configuration and event logs to assess risk in your environment.
How are you securing my data? Where?
We take data security extremely seriously. Your data is secured within our AWS account following best industry practices. This includes:
  • Robust Encryption: Your data is protected at rest and in transit using strong encryption standards.
  • Strict Access Controls: Access to your data is tightly controlled and monitored.
  • Secure Infrastructure: Our AWS environment is configured with security as a top priority.
  • Regular Monitoring and Updates: We proactively monitor for threats and continuously apply security updates.
What's the strength of the encryption?
We use industry-leading encryption standards to keep your data safe. At rest, your data is protected with AES 256-bit encryption, which is considered virtually unbreakable by current computing power. In transit, your data is secured with TLS 1.3 (TLS 1.2 minimum fall back).
Who has access to this data?
We employ the principle of least privilege, when granting access to any customer data.
Whats the process for deleting my data?
Risk reports and SSO connection data can be deleted from the Access360 console.
Where is data stored? How long until data is deleted?
The data is stored in our AWS database. Data is deleted by the user through the Access360 console.
Further Questions
If you need more details to run a risk assessment, please contact us!
SOC Certification