Skip to content
Announcing Endpoint Agent General Availability!  LEARN MORE

Your data is always safe

Protecting your data is fundamental to everything we do. We have invested in industry-leading infrastructure and constantly strive to ensure your data is always secure with bank-level security.

World class protection

With Sinefa's cloud, not only are infrastructure headaches removed, but so are many of the security issues that come with them. Sinefa utilizes world-class, highly secure data centers with state-of-the art electronic surveillance and multi-factor access control systems. Data centers are staffed 24x7 by trained security guards, and access is authorized strictly on a least privileged basis. Environmental systems are designed to minimize the impact of disruptions to operations. Multiple geographic regions and Availability Zones allow us to remain resilient in the face of most failure modes, including natural disasters or system failures. Sinefa uses Amazon’s AWS public cloud.

Metadata collection, encryption and storage

Metadata is the description of the data going through the network (and not the actual data itself) - see Sinefa encrypts metadata in flight and at rest. This means metadata is encrypted when sent to the cloud and remains encrypted when stored in the database.

Sinefa Probes inspect network traffic at Layer 7. This means that packet headers are inspected for the purpose of accurate classification of the traffic. Inspection and classification is performed on the Probe which in turn derives the metadata of the traffic.  The Probe itself does not store any form of network data or metadata, instead, the fully formed metadata is compressed, de-duplicated and encrypted with industry-standard encryption and then sent to the cloud over a Secure HTTP session.

Where is the metadata stored

The metadata is stored in a private, redundant cloud database. Customer metadata is securely segregated and stored in separate databases, each Sinefa account has a dedicated database and data is not mixed with other customers.

Storage of the metadata varies by region in which the customer is located. Customer metadata is contained within in a single region. Current regions include US, Singapore, Australia & Germany. Sinefa uses Amazon’s AWS public cloud to process and store metadata.

Alternatively the metadata can be stored inside the customers network when Sinefa Cloud Edge is used, in which case the metadata never leaves the customer network.

Can I delete my data?

Cancelling a Sinefa subscription will delete all copies of the customer data.

Multiple firewall layers and network security

External access to our servers is controlled by multiple layers of firewalls, intrusion protection systems and routers. These are configured, monitored and updated according to industry best practice.

Data is securely stored online

With Sinefa, your data is not stored on your computer. If your PC, laptop or tablet gets lost or stolen, you don’t lose your data.

You're in control of user access

No one has access to your organisation’s data unless invited by you, and with a level of user permission set by you.

Your privacy is our priority

We take your privacy seriously and believe the security of your data is key to earning your trust. Find out more about our Privacy Policy.

Regular third-party audits and inspections

We know that it’s important for you to understand the protection measures that are used to guard the Sinefa cloud infrastructure. But since you can’t physically touch the servers or walk through the data centers, how can you be sure that the right security controls are in place?

The answer lies in the third-party certifications and evaluations that Sinefa's cloud provider has undergone. It has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). The data centre undergoes annual SOC 1 audits and have been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems.

Each certification means that an auditor has verified that specific security controls are in place and operating as intended.