- Cloud Service Availability
- Source Code Reviews
- SSO Providers
- HIPAA Deployment Requirements
- Jurisdictional Boundary Requirements
- Security Certifications
- Information Security Program
- Security Policies and Industry Standards
- Privacy and Data Protection Officers
- Data and Services Security
- Personal Data Processing
- Index Encryption
- Disaster Recovery
- Data Breach Notification Process
- Vulnerability Assessments and Penetration Testing
- Performance Tests
- IP Addresses in UA Data
If a Customer Has Jurisdictional Boundary Requirements, How Can Coveo Meet Requirements to Either Keep Data Within, or Notify the Customer When Data Is Transferred Outside a Given Jurisdiction?
Coveo Hosted Services leverage US-based data centers only. The physical infrastructure is hosted and managed by Coveo’s hosting partner. Data centers are housed in nondescript, critical facilities capable of withstanding adverse weather and other reasonably predictable natural conditions. Physical access is strictly controlled both at the building perimeter and at building ingress points by professional security staff utilizing video surveillance, state-of-the-art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication multiple times to access data center floors. All visitors and contractors are required to present identification, and are signed in and continually escorted by authorized staff.
Customers from a country member of the European Union are protected under the Privacy Shield, if needed.