Data Security
Do Holistics store my application data?
Holistics works without the need to store or sync a copy of your database data in our servers. This means that your data sits securely within your system at all times. You retain full ownership and control over your data.
When a user accesses the report, we will send a SQL query to your database for processing. Once the query completes, Holistics will display the results to your browser.
Holistics stores a few things:
Metadata: we store metadata (definitions) of your reports, filters, dashboards, etc. Some examples of metadata are SQL syntax definitions, report description, chart type and specific custom settings describing the nature of the report.
Cache: Holistics gives you the option to set a cache for your reports, dashboards and filters. This speeds up access to your data, and also protects your database against repeated queries. The cached data will expire after a determined period of time. No cache data will ever be stored forever on Holistics servers.
My database is behind private firewall, how do I give access to Holistics?
It's common for your database to be behind private network/firewall (in fact we recommend it be that way). To securely open your DB for Holistics to access, there are 2 ways:
- IP Whitelist: You whitelist Holistics' IP addresses so that Holistics can connect to your DB
- SSH Tunnel: You setup a secure SSH tunnel from your DB to Holistics Network, so that all traffic will go through this secure tunnel.
For more information, read more here.
Since we'll be storing our database credentials in Holistics, how do you protect them?
We apply AES encryption before storing your credentials inside our database. The credentials are then decrypted on the fly whenever we make a connection to your DB server, and the raw credentials are never persisted anywhere. The encryption key resides in a different server than the DB server.
Our DB server is under a private VPC network and is only accessible by our app servers. Furthermore, our app servers are also behind VPC.
Where are your servers hosted?
Our servers are hosted with a reputable data center provider based in Singapore.
How do I track what data/reports my team has accessed?
Holistics provides you real-time activity logs and audit trails to know the reports your team access to, the IP they accessed from, and their respective usage activities. Enterprise clients can also get more specific and detailed information on a regular basis.