Data Security Practices
Faasera is built from the ground up with enterprise-grade security to protect sensitive data across all workloads,
whether on cloud, hybrid, or on-prem environments.
Encryption Standards
- In-Transit: TLS 1.2+ encryption for all API, function, and SDK communication.
- At-Rest: Configurable encryption using AES-256 or customer-managed keys (CMK).
- Column-Level Masking: Masked values never leave the platform unprotected.
Key Management
- Supports native integration with:
- AWS KMS
- Azure Key Vault
- Google Cloud KMS
- Local KMS abstraction for on-prem deployments.
- Key rotation, revocation, and versioning fully supported.
Authentication & Access Control
- RBAC: Role-Based Access Control with fine-grained permissions.
- SAML / OIDC: Supports SSO integration with enterprise identity providers.
- API Key Management: Token-based auth for external tools and systems.
Auditing & Monitoring
- Every interaction with Faasera (UI/API/Function) is logged.
- Tamper-proof audit logs for compliance review.
- Integration with SIEM tools (Splunk, Elastic, Datadog).
Threat Protection
- Built-in protections against injection, replay, and DoS attacks.
- Secure sandbox execution of user-defined functions (UDFs).
- Rate limiting, IP allowlists, and throttling supported per deployment.
Secure Deployment
- Containerized and serverless-first deployment models.
- Built-in vulnerability scanning and hardened base images.
- Supports infrastructure-as-code security scanning (Terraform, ARM, etc.).
Compliance-Aligned Practices
- Faasera’s engineering and operational processes align with:
- SOC 2 Type II (internal controls and monitoring)
- ISO 27001 (information security management)
- HIPAA (for healthcare customers)
- GDPR & CCPA readiness