Visualr Security & Privacy Overview

Architecture and Hosting

Visualr is a software-as-a-service platform for data analytics and visualization.

This document outlines the security architecture of Visualr as well as topics related to the security of database connections and your data.

The Visualr platform is deployed and runs on Amazon Web Services in the ap-south-1 region of AWS, located in Mumbai, India. Visualr does not utilize any other third-party services.

Visualr leverages a set of best practices that guarantee system security and data privacy:

  • Share-nothing/stateless approach to services
  • Multi-layered approach to system security and system/data access
  • Strong encryption of data in transit and at rest
  • Auditing of all operations; all changes can be attributed to a user account
  • Continuous monitoring both from inside and outside

Here is a basic overview of the Visualr architecture as it relates to the end user, Visualr backend services and connection to a customer’s data source:

Database connection security

To run the queries that power the analytical reports, Visualr needs access to your database or data warehouse. Visualr supports all the best-practice approaches (which evolved over the last 4 years of growing use and acceptance of cloud BI tools) to establishing this access securely. This applies both to databases installed on your own servers at cloud providers and to databases on your own hardware behind a firewall.

The following approaches are used:

  • Firewalling Visualr access based on IP addresses and database-specific port number
  • Using an SSL-encrypted connection to the database, if supported by the database
  • Using an SSH tunnel to proxy access to the database through a hop-server
  • Encouraging the use of a Visualr-specific read-only user in the database to further restrict access/operations allowed to be performed on the database via Visualr
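
One way a customer could provision the Visualr-specific read-only user described above, as an added example that is not taken from Visualr's own documentation. It assumes PostgreSQL; the database `analytics`, schema `reporting`, role `visualr_ro` and source address `203.0.113.10` are hypothetical placeholders.

```sql
-- Added example. Assumptions (not from the Visualr page): PostgreSQL,
-- database "analytics", reporting data in schema "reporting",
-- role name "visualr_ro". Run as the owner of the reporting tables.

-- 1. Dedicated login role with no administrative attributes.
CREATE ROLE visualr_ro LOGIN
  PASSWORD 'REPLACE_WITH_GENERATED_SECRET'   -- placeholder, never reuse
  NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT
  CONNECTION LIMIT 5;

-- 2. Remove privileges that every role inherits through PUBLIC,
--    so the grants below are the only access the role has.
REVOKE ALL ON DATABASE analytics FROM PUBLIC;
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 3. Grant read access to the reporting schema only.
GRANT CONNECT ON DATABASE analytics TO visualr_ro;
GRANT USAGE ON SCHEMA reporting TO visualr_ro;
GRANT SELECT ON ALL TABLES IN SCHEMA reporting TO visualr_ro;

-- Tables created later by the current role become readable as well.
ALTER DEFAULT PRIVILEGES IN SCHEMA reporting
  GRANT SELECT ON TABLES TO visualr_ro;

-- 4. Defence in depth. A session can override these settings, so the
--    missing write grants above remain the actual control.
ALTER ROLE visualr_ro SET default_transaction_read_only = on;
ALTER ROLE visualr_ro SET statement_timeout = '60s';

-- 5. Check: the role must hold nothing other than SELECT.
--    Expected result: zero rows.
SELECT table_schema, table_name, privilege_type
FROM information_schema.role_table_grants
WHERE grantee = 'visualr_ro'
  AND privilege_type <> 'SELECT';

-- Matching pg_hba.conf entry (server config, shown for reference):
-- only TLS connections from one source address are accepted.
-- 203.0.113.10 is a documentation-range placeholder for the
-- address Visualr connects from.
--   hostssl  analytics  visualr_ro  203.0.113.10/32  scram-sha-256
```

The same source address and the database port should also be the only pair allowed through the network firewall or cloud security group in front of the database.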

How Visualr uses data in your database

Visualr is based on Lite DB and as such does not perform any operations on your database other than running specific SQL queries to get database metadata and running user-entered SQL queries to fetch the data that powers the analytical reports.

The results of the database schema queries are stored as metadata on the data source for as long as the data source / account exists.

The results of the report query executions are stored in an in-memory cache in the Visualr backend for up to 24 hours. After 24 hours, all the data is automatically purged and no copies of it are retained.

The queries that Visualr performs against your database are:

  • On initial connection to a database, Visualr runs SQL queries to determine metadata about the database (version, time zone, number of connections allowed) and the schema of the database (schemas/tables/columns).
  • On running a query in the query editor, the SQL (a result of applying parameters and/or SQL snippets when used) is executed against the database. The exact SQL query executed can be seen in the Results tab in the Query editor.
  • For saved reports on a dashboard, the report query is executed against the database each time:
    • The report is manually refreshed (the user clicks “Refresh” on the report or the dashboard)
    • The dashboard report is auto-refreshed at a configured interval
    • The dashboard is accessed and the result data is not present in the Visualr cache
    • The dashboard parameters are changed and the results for that concrete combination of parameters are not in the Visualr cache

Data security and encryption

Any data that is either related to your account or a result of one of the analytical queries is subject to strong security, both in transit and at rest.

In transit

Security in transit refers to the security of the data as it is transmitted between the Visualr services and the end user’s computer. All Visualr communication is performed over an HTTPS/SSL connection for both HTTP and WebSocket traffic. The Visualr API is never served over a basic unencrypted HTTP connection, other than to perform a redirect that lets clients switch to HTTPS.

All API operations that contain account information or data need to be authenticated.

Encryption at rest

Visualr stores all account/user data in a database that is encrypted at rest, and all backups of the data are encrypted. User passwords are stored as strong, salted one-way hashes following best practice and cannot be decrypted. Database connection passwords or authorization strings are stored encrypted using a 256-bit key.

Access security

All Visualr APIs that provide read and/or write access to the account data are authenticated and require authorization via user email and password.

The result of user authentication is a session with a time-limited validity and an access token that authorizes the API access.

The following measures are implemented to prevent abuse:

  • Minimum length requirement of 8 characters for user passwords
  • Email confirmation required for any new user account or change to a user’s email address
  • Reset password via best-practice email link

Monitoring

Visualr employs a wide range of monitoring services that guarantee the uptime of the Visualr platform and allow us to respond quickly to any operational problems.

This includes:

  • Server log monitoring
  • Server components and services availability monitoring
  • Browser error monitoring

Data backup & archiving

Data backup

Visualr never stores results of your analytical queries other than the in-memory results cache (kept for up to 24 hours and purged automatically afterwards).

Account data are stored as part of a database backup in an encrypted form. The backups are kept for a limited time (generally 30 days).

Physical media management

All data copies are handled by native Amazon AWS functions. Amazon AWS follows the Guidelines for Media Sanitization (NIST 800-88 or DoD 5220.22-M): all physical devices are destroyed on Amazon premises and no storage can leave Amazon premises.
A detailed description can be found in the AWS Security Whitepaper, page 8, paragraph “Storage Device Decommissioning”.

Certifications & Compliance

Amazon AWS complies with some of the most demanding certifications, namely:

  • Sarbanes-Oxley (SOX) compliance
  • ISO 27001 Certification
  • PCI DSS Level I Certification
  • HIPAA compliant architecture
  • SOC1 Audit, SOC2, SOC3
  • FISMA Medium ATO
  • Service Health Dashboard

For a full up-to-date list of certifications and compliance audit reports see https://aws.amazon.com/compliance.

Responsible Disclosure Policy

If you are a security expert or researcher and you believe that you have found a security issue in Visualr, we encourage you to notify us at support@visualr.io.

Please make a good faith effort to protect our users’ privacy and data.

We look forward to working with you to resolve the issue as soon as possible.