Security & Compliance
At Extract, we prioritize the security and compliance of your data. Our platform is engineered by data professionals with cybersecurity expertise, ensuring your data remains protected and confidential throughout its lifecycle.
Compliance Excellence
Extract not only meets but surpasses industry standards, holding certifications such as SOC 1 & SOC 2, ISO 27001, and adhering to regulations like GDPR, HIPAA, and COPPA. This commitment provides you with confidence in our data protection measures.
Reverse ETL Architecture Review
Extract Reverse ETL manages the transmission of data to destination applications and does not store any of the data being passed through
-
Processed data is never copied or stored on Extract servers
-
Use cases requiring 'diffing', data is temporarily stored in cloud and deleted after transmission
Robust Data Security
-
Infrastructure Security: Our cloud infrastructure follows best practices, implementing rigorous security measures and protocols.
-
Data in Transit: We employ strong encryption protocols to safeguard data during transmission, ensuring its confidentiality and integrity.
-
Data at Rest: Your data is encrypted using AES 256, and we enforce strict separation of permissions and roles to maintain confidentiality.
-
High Availability: Our servers operate across availability zones with automatic snapshots, ensuring business continuity and data protection against disruptions.
System and Product Security
-
Network Security: Internal networks are accessible only via secure VPNs, and all network traffic is encrypted using TLS.
-
System Security: We apply least-privilege principles, limit access to authorized personnel, and conduct regular third-party audits and penetration testing.
-
Product Security: Extract maintains comprehensive audit logs for all events, including logins, user edits, source connections, and data deletions.
-
Single Sign-On (SSO): We support Enterprise SSO (SAML) and integrations with Google/GitHub, facilitating secure access management for teams.