Your Data is Safe
Data Protection is our highest priority
Spotlight Cloud tracks performance, not data.
- We collect performance metrics from the Hypervisor, Operating System, and the monitored database. Read more, here.
- We don’t extract data from your database. We extract performance metrics that tell us how well your database is running.
- All SQL Server connection detail remains on premise. None of this is uploaded to the cloud.
Do you upload any data from our database?
- Spotlight Cloud tracks SQL that is executed and the query plans used to execute it. This may contain fragments of data by way of string literals. At request , we remove these to prevent any accidental/unexpected upload of data.
Why is Spotlight Cloud more secure than an on-premise monitoring tool?
- Our data center provider, Microsoft Azure, maintains ISO 27001, SOC2 Type II, and many other certifications. More information, here.
- Because Spotlight Cloud is a SaaS product, any vulnerability patching is applied instantly to everyone.
- Out of date software is frequently responsible for exposing an organization’s security vulnerabilities. Microsoft has a dedicated team that works 24/7 to ensure their infrastructure is patched and updated in response to any security threats. Similarly, Spotlight Cloud’s security team works to ensure Spotlight Cloud’s code is kept up-to-date and responds to any security threats that many arise.
- Spotlight Cloud’s infrastructure and application undergo annual penetration testing by an independent third party penetration testing firm.
How do you store the uploaded performance data?
- Spotlight Cloud stores all data in Azure Cosmos DB.
- All data is encrypted with AES 256. This is the same top-level encryption used by the NSA and US government right now.
How do you protect data while it’s being uploaded?
- Spotlight Cloud data is encrypted in transit using TLS 1.2.
How long do you store the data?
- Currently, we keep the performance data related to paid accounts for one year for trend analysis.
What happens to my data after the trial?
- At the end of your 30-day trial, data will be purged after 60-days.
Can I request to have my data removed from Spotlight Cloud and get verification?
- Yes. Please email firstname.lastname@example.org for more information.