Try Spotlight Cloud ProSign in

Security FAQ

Your Data is Safe

Data Protection is our highest priority


Spotlight Cloud tracks performance, not data.

  • We collect performance metrics from the Hypervisor, Operating System, and the monitored database. Read more, here.
  • We don’t extract data from your database. We extract performance metrics that tell us how well your database is running.
  • All SQL Server connection detail remains on premise. None of this is uploaded to the cloud.


Do you upload any data from our database?

  • Spotlight Cloud tracks SQL that is executed and the query plans used to execute it. This may contain fragments of data by way of string literals. At request , we remove these to prevent any accidental/unexpected upload of data. 


Why is Spotlight Cloud more secure than an on-premise monitoring tool?

  • Our data center provider, Microsoft Azure, maintains ISO 27001, SOC2 Type II, and many other certifications. More information, here.
  • Because Spotlight Cloud is a SaaS product, any vulnerability patching is applied instantly to everyone.
  • Out of date software is frequently responsible for exposing an organization’s security vulnerabilities. Microsoft has a dedicated team that works 24/7 to ensure their infrastructure is patched and updated in response to any security threats. Similarly, Spotlight Cloud’s security team works to ensure Spotlight Cloud’s code is kept up-to-date and responds to any security threats that many arise.
  • Spotlight Cloud’s infrastructure and application undergo annual penetration testing by an independent third party penetration testing firm.


How do you store the uploaded performance data?

  • Spotlight Cloud stores all data in Azure Cosmos DB.
  • All data is encrypted with AES 256. This is the same top-level encryption used by the NSA and US government right now. 


How do you protect data while it’s being uploaded?

  • Spotlight Cloud data is encrypted in transit using TLS 1.2. 


How long do you store the data?

  • Currently, we keep the performance data related to paid accounts for one year for trend analysis. 


What happens to my data after the trial?

  • At the end of your 30-day trial, data will be purged after 60-days. 


Can I request to have my data removed from Spotlight Cloud and get verification?