We take security seriously at Motiva AI. Here’s a brief look at how.
Data Center Security
Motiva AI’s SaaS platform is hosted at a Tier 1 data center of the world’s leading cloud services provider. Our hosting partner has multiple global certifications including, but not limited to, SOC1/2/3, ISO27001, SSAE 16 and EU/US Safe Harbor. Their data center and hosting services provide the following security measures:
- Physical access is strictly controlled by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means.
- Two-factor authentication multiple times to gain physical access to data center facilities.
- State-of-the-art fire detection and suppression.
- Advanced power, climate, and temperature management and controls.
- Redundant internal networks.
- Fully redundant electrical power systems maintainable without impact to operations, 24 x 7.
- Uninterruptible Power Supply (UPS) units provide back-up power in the event of electrical failure for critical and essential loads in the facility. Generators provide back-up power for the entire facility.
- Designated, dedicated and controlled network that is fully separated from the public Internet.
- Our network model implements multi-tiered subnets to segregate web, application and database traffic.
Secure Data transmission & Session Management
- Data transmission encrypted using SSL 3.0 / TLS 1.2.
- User sessions are tokenized during the login; each transaction is verified using session tokens
- Data is fully encrypted in transit and at rest.
- Storage is in a private VPC that is inaccessible from the public Internet.
Tapeless Backup & Recovery
- Operational, Customer and IP data is backed up regularly and periodically tested.
- Electronic backup to redundant data centers allows full restoration of customer and application data.
- Tapeless (disk to disc) backup provides additional security.
Security Monitoring and Assessments
- We evaluate application and network vulnerabilities on a regular basis.
- We monitor notifications and alerts from various sources to continually assess and remedy potential security risk.