Security – Actian DataCloud

Actian has given significant attention to addressing the security concerns of customers accessing the Actian DataCloud. We have designed the architecture to focus on security at both the user and the application level.

The DataCloud utilizes the following security and standards:

AES 128-bit or 256-bit encryption protocol (browser dependent) for the TLS connection.

PGP encryption / decryption possible at the process level.

PCI Security standards compliance.

SSAE 16 SOC 2 Type 2 Attestation – Actian has maintained a SOC 2 Type 2 since June 1, 2017. Our latest audit was completed for the period November 1, 2020 to October 31, 2021.

The DataCloud runs in the Amazon Web Services (AWS) environment. The AWS environment has achieved numerous security certifications and attestations. See for their complete and updated list.


Since this is a multi-tenant architecture, how do I make sure my applications and processes on Actian DataCloud are not accessed by others?

Each Actian DataCloud tenant has their own set of credentials. Users need both a private and a public key to access their private ActianDataCloud2 processes.

Actian does not share any keys outside our API, so there is no shared public storage.

Entities cannot be deleted. However, customers can control their metadata.

What security protocol does Actian DataCloud use?

The DataCloud uses the Secure Sockets Layer (SSL) protocol with AES 128-bit or 256-bit encryption protocol for the TLS connection.

How do you address security during process execution?

From an execution standpoint, your process will never run on the same virtual machine as another data services process (i.e., each instance is separate from another). The machine operating on your behalf does not let you access it unless the ActianAPI lets you in with your secure credentials. If data does not belong to a particular process, a user of that process is not allowed access to the data. The user/product hierarchy does not let a user cross over to other products or processes.

How does the Actian DataCloud interact with Amazon Web Services’ S3 storage?

The DataCloud controls access to S3 storage through the Actian DataCloud API security structure.

Please describe the security of Amazon Web Services (AWS).

The AWS firewall is ‘locked down,” meaning security is high and your virtual environment will be safe. Other Amazon machines cannot affect yours, and AWS restricts access of non Actian systems.

Review the Amazon Web Services Risk and Compliance Document

Review the Amazon Web Services Overall Security Processes Document

Is Actian DataCloud PCI compliant?

No. The Actian DataCloud undergoes a regular PCI Approved Scanning Vendor (ASV) website vulnerability scan to meet PCI requirements for section 11.2. We invite you to review our site scan results.