All data stored by the Nullstone system is backed up in order to ensure no data is ever lost. Your data is also replicated to provide reliability and uptime. Should a database ever experience an outage, the data is deployed across multiple data centers and data is restored from backups.
Data Retention Policy
All your data stored by Nullstone is held for as long as you desire. In accordance with our internal data retention policy, we will delete your data only by request.
You are the owner of your data and can request a full copy of your data at any time.
Encrypted Data - At Rest, In Transit
All Nullstone datastore modules are configured to use encryption at rest where possible. For example, data in your database is encrypted on disk. This provides an extra layer of protection should an attacker gain access to your network.
All Nullstone datastore modules are configured to use in-transit encryption where possible. Connections to your datastore require SSL to maintain a high level of security and privacy. This ensures your data is protected as it is transmitted to and from your applications.
Secure Applications via HTTPS
All Nullstone application modules are configured to keep your applications protected behind private networks. Only when you configure a domain for your application will it be accessible to the public. All Nullstone domain modules have a default configuration requiring https. We recommend that all of your public applications require https in order to protect data from unauthorized parties and to keep your data free from manipulation.
Access to Customer Data
Nullstone does not have access to your customer’s data. All of the infrastructure created using Nullstone is provisioned in your cloud accounts.
Nullstone only holds the infrastructure metadata, infrastructure state, and configuration. Nullstone employees are not granted access to this data unless explicitly granted by the customer for support purposes.
All of the infrastructure for the Nullstone platform is hosted on AWS. This provides the Nullstone platform a reliable foundation and allows us to focus on delivering the best possible developer platform.
Nullstone continually looks for any indicators of security threats and has implemented tools to help detect and notify our incident response team. Should an event occur, Nullstone maintains a response plan that includes steps to notify customers and escalate internally. This response plan also includes steps for incident reporting and disaster recovery.
Nullstone maintains a disaster recovery plan that is tested on a regular basis. All of the data, code, and assets within the Nullstone platform are backed up regularly across multiple data centers for redundancy and resiliency.
[ This is a placeholder for later, we should take a look at how hard it would be to use Cloudflare DNS to enable this. ]