Security Policies

Backups

Customer Objects

Cloudcube brokers controlled access to space within S3 buckets. Objects within these buckets are replicated between at least 3 AWS Availability Zones within the bucket's region giving world-class 99.999999999% durability. Additional copies or backups of objects are not stored by Cloudcube, but objects may be downloaded at any time via Amazon Web Services' S3 API and CLI for custom backup solutions if needed.

Customer Account Data

Cloudcube stores non-identifying information for each account provision for use in matching a Cloudcube to authenticated requests for dashboard access, add-on upgrades/downgrades, and add-on deprovisions. This data is backed up daily and retained for no more than 1 week.

Disaster Recovery

Customer Objects

S3 automatically replicates object data to a minimum of 3 separate AWS Availability Zones which provides world-class durability and resiliency. If an outage at an availability zone arises, the other zones continue to provide service. Any issue affecting an entire region would be handled by Amazon Web Services Disaster Recovery processes.

See more on S3 here: https://aws.amazon.com/s3/faqs/

Customer Data Retention and Destruction

Objects stored within a Cloudcube S3-space are present for as long as the add-on instance is attached to the provisioning account of the PaaS (Heroku, Manifold, etc) or until the account owner deletes the object(s) from their Cloudcube, whichever is first. The objects are then unrecoverable.

Decommissioning hardware is managed by Amazon Web Services. AWS uses techniques outlined in DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data.

For more information see: https://aws.amazon.com/security