Data populated by you in Pulse36 is yours to own. You have full access to all your data while using the Pulse360 application.
If you decide to stop using Pulse360 please let us know as soon as possible and we will prepare and send you a download of all your data.
All of your data is encrypted using industry standard AES 256-bit. At rest: via AWS KMS on all of components with storage capabilities such as: EC2, RDS, S3, etc.
For Encryption in Transit we are using TLS 1.2 with Certificates provided by AWS ACM for the Cloudfront endpoints and API endpoints.
Our network and databases have been designed on AWS, using environments that are isolated using VPC. Depending on your plan, practice data is segregated in entirely separate databases and /or tables. No commingling of data.
In addition, we have automated audit trail with APIs and Cloudtrail enabled.
Being part of Amazon AWS, we benefit from multiple AWS data centers and a network built from the ground-up to protect information, identities and applications. In addition, AWS provides us unparalleled scalability and reliability options.
AWS regularly achieves third-party validation for thousands of global compliance requirements that they continually monitor to help meet security and compliance standards for finance, retail, healthcare, government, and beyond. We inherit the latest security controls operated by AWS, strengthening our own compliance. AWS supports many security standards and compliance certifications, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, helping satisfy compliance requirements for virtually every regulatory agency around the globe.
All data is backed up and handled by a predefined data life cycle, AES 256-bit encryption, S3 cross-region replication and protected by content security policies which enforces data handling best practices avoiding data loss.
Using AWS, has allowed us to implement their Identity and Access Management (IAM). This enables us to manage access to AWS services and resources securely. Using IAM, we have created and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
IAM also enables us to add specific conditions such as time of day to control how a user can use AWS, their originating IP address, whether they are using SSL, or whether they have authenticated with a multi-factor authentication device. All IAM users activity is recorded and audits recorded by the AWS Cloudtrail service.
We limit access to production environment to persons that need to have such access. In addition, we utilize, Multi-factor authentication for all users.
We have implemented AWS Key Management Service (AWS KMS). The AWS KMS allows us to manage the lifecycle of encryption keys and control how they are used by our application and other AWS services.
Due to the sensitive nature of security, we are unable to disclose additional controls that we have in place. In addition, depending on the threats, we may make changes on how we secure your data.
Subscribe to our newsletter
For advisor insights, opinions (and maybe a little bit of humor!) delivered direct to your inbox