fbpx
Select Page

Secure, Down to the Foundations

Sigma sits atop your existing cloud database, using a secure connection to query your data warehouse directly. Sigma writes a query to access the data needed to answer your question and returns the result in the browser – we never store any data at rest.

Sigma provides a single point-of-access for your data,  so you can establish robust data governance and keep report sprawl to a minimum and access to sensitive information restricted. Administrators can set permissions by team and namespace, and can restrict data access directly from the database as well.

Sigma uses Google Cloud Platform to offer industry-standard security, availability, and durability.

You Data Remains Secure

 

Sigma Security Architecture

Sensitive metadata is encrypted at-rest with per-organization keys. Sigma does not cache or copy data onto its own servers. Sigma supports Security-Conscious functionality like SSO and Usage Audits (coming soon).

SOC – 2

Sigma leverages best practices for security controls as part of our security program. We work with AICPA-certified, third-party auditors to maintain security compliance including SOC 2, Type II. 
 ‍

Cloud Security Alliance (CSA)

Sigma has completed the CSA’s “Consensus Assessments Initiative Questionnaire” (CAIQ), which provides a set of questions a cloud consumer may wish to ask to ascertain their compliance to the Cloud Controls Matrix and CSA best practices. 

GDPR

At Sigma, we firmly support the GDPR – in practice and in philosophy.  We work with our customers in the European Economic Area to assure compliance with personal data handling requirements and cross-border transfer requirements under GDPR.
As a processor, we process data on behalf of our customers.  We expect that some of our customers will require us to enter into a data processing addendum (“DPA”), per Article 28 of the GDPR.  
Sigma uses several subprocessors. The majority of our obligations hinge on our primary subprocessor: Google Cloud Platform.  Read more about Google Cloud Platform’s commitment to GDPR.

Healthcare Data

Sigma is currently undergoing attestation for the processes and controls required by the U.S. Health Insurance Portability and Accountability Act (HIPAA), to be completed in 2019.

The first two weeks are on us

Get unlimited insights with Sigma for FREE with a 14-day trial.

We are rewriting the rules of analytics. Sigma empowers domain experts to join the data conversation, answer the toughest questions, and drive insights.