This is the Data and Security Policy of Sudo Technologies, Inc. It describes the organizational and technical measures Sudo implements platform-wide in order to prevent unauthorized access, use, alteration or disclosure of customer data. As described in greater detail in this policy, we take the protection of customer data extremely seriously.
The following are security features regularly implemented on all servers and systems that comprise the Sudo Service.
Regular updates of OS, applications, and database security patches
Firewall (security groups) configurations.
Managing and monitoring server accounts and server access.
Managing and monitoring system and application resources.
Logical data separation across customers.
Encryption of data in transit across untrusted networks and for data at rest (see below).
Rotating two-factor authentication required for all administrative access to production systems
Sudo uses customer data only to provide the Sudo Platform in strict accordance with each customer’s service agreement with Sudo. Sudo does not share or resell any customer data. Sudo does not produce any reports or summaries based on the content of customer data.
Customer data is stored in Sudo’s production environment within AWS and protected by AWS security as described at http://aws.amazon.com/security/sharing-the-security-responsibility/. Access to the production environment is restricted to a small number of Sudo personnel who require access as part of their job functions. No other personnel access is permitted.
Customer data stored in Sudo’s production storage environment for all customer accounts is fully encrypted using AES 256-bit encryption in GCM mode. In the course of standard operations, Sudo has no visibility into encrypted customer data.
We encrypt the following information:
OAuth tokens: OAuth tokens (e.g., Salesforce, Google) are encrypted in our system using the AES 256 algorithm in GCM mode. The key is 128 bits and is kept in an environment variable. We have a 32-bit length secure random salt unique per user and a 32-bit length secure random initialization vector unique per encrypted value.
CRM data: We store a cache of CRM data (e.g., contacts, accounts) for rapid querying. The cache is stored in a key-value data store on a record-by-record basis (i.e., each record has a unique UUID identifier). The records are all encrypted using the AES 256 algorithm in GCM mode. The key is 128 bits and is kept in an environment variable. Each record has a unique 32-bit length secure random salt and a unique 32-bit length secure random initialization vector.
All network communication is done via SSL connections. Our API can be accessed over the internet through the load balancer, which accepts only SSL connections on port 443. This endpoint is open only to enable some back office systems and third-party systems such as Twilio and Slack. All these interactions validate a short-lived and action-specific JWT token for authentication and authorization. User requests to this system are transmitted via Slack messages through the Slack real time API.
The company’s CRM System remains the system of record for all sales activities. If a company terminates their relationship with us, we immediately delete our cache of their CRM data.
We use Splunk as a service to log errors and events in our production infrastructure. We ensure that no sensitive information is being logged. Logs are disposed of every 90 days.
All messages sent to and from Sudo are the proprietary data of Sudo Technologies, Inc. and records of those messages will not be deleted, even upon termination of our relationship with the customer.
Internal network traffic is strictly controlled to allow only traffic that is required to deploy and run systems. There is no direct access to the internal network and it can only be accessed through a gateway machine. Only users that have a business purpose to access the network have permission to log in. We enforce 2-step authentication to access our AWS console and Google developer account. All machines in our infrastructure are ephemeral and are created and disposed of automatically by our infrastructure depending on the load of the system. Machine packages and services cannot be configured and installed from inside of the machine; they can be set only through peer-reviewed configuration code versioned in our code repository.
External traffic is only allowed through a load balancer. Only SSL traffic through port 443 is allowed. The traffic is proxied by the load balancer to a single machine in our cluster, which serves our application running inside of a Docker container. The OS version and packages are kept up to date using the latest stable versions without known vulnerabilities, to avoid external users exploiting them. All our code is peer reviewed and security is considered on every review.
Sudo will notify customer promptly in writing upon verification of a security breach of the Sudo service. Notification will describe the breach and the status of Sudo’s investigation. Sudo will provide commercially reasonable assistance to customer to determine whether a verified security breach of the Sudo service affected customer data.
The Sudo service is exclusively hosted on Amazon AWS in the US-West-2 region. Amazon does not disclose the location of its data centers. As such, Sudo builds on the physical security and environmental controls provided by AWS. See http://aws.amazon.com/security/ for details of AWS security infrastructure. For AWS SOC Reports please see https://aws.amazon.com/compliance/soc-faqs/.
Our physical offices do not contain any sensitive equipment. We forbid employees from leaving computers in the office overnight. Employees’ computers are encrypted and are configured to automatically log out after 5 minutes of inactivity. Employees are also encouraged to log out every time they leave their computers unattended. The computers are configured with a shortcut to make this easy.
The following are the responsibilities of the customer in order to ensure the security of access to the Sudo service:
Managing its own user accounts and roles from within the Sudo service.
Protecting its own account credentials.
Compliance with the terms of customer’s service agreement with Sudo, including with respect to compliance with laws.
Promptly notifying Sudo if a user credential has been compromised or if customer suspects possible suspicious activities that could negatively impact security of the Sudo service or customer’s account.
Customer may not perform any security penetration tests or security assessment activities without the express advance written consent of Sudo.
Our business and services may change from time to time. As a result, at times it may be necessary to make changes to this Data and Security Policy. If we make changes, we will notify you by revising the date at the top of this page. If we make material changes, we will do so in accordance with applicable legal requirements, and we will post a notice on our website alerting you to the material changes prior to such changes becoming effective. Your continued use of our services after any changes or revisions to this Data and Security Policy will indicate your agreement with the terms of such revised Data and Security Policy.
You may contact us by mail at 530 Oak Grove Ave, Suite 207, Menlo Park CA 94025 and by email at support@sudoai.com.