Segment takes the security of our customer data incredibly seriously.
- encrypt all data in transit using TLS
- encrypt customer data at rest using AES-256
- perform regular security audits
- rely on Amazon Web Services to ensure that our infrastructure is scalable and kept up to date with security patches
- We also monitor an incoming security email address (firstname.lastname@example.org) for urgent notices and security threats so that we can respond to them within 24 hours.
My write key is visible, should I be worried?
In order for any source to send data to the right destination, there needs to be a unique identifier. All services operate similarly—Google Analytics, Mixpanel, Hubspot, Marketo, etc. Sometimes it’s called an API key, application token, and so on. In our case, it is the write key.
For the Segment script to work in the browser, the write key must be exposed.
What if someone uses my write key maliciously?
If you suspect that your write key is being used maliciously, please submit a ticket so we can change the keys for you as soon as possible.
This hasn’t been a big problem for customers in the past. We’ve only had to change the write keys for a few customers, and it is usually due to a bot scraping an HTML page where the Segment snippet is present, and re-posting that page on another domain.
If I’m adding CSP to my site, what should I whitelist?
We don’t have full lists for everything that our partners load, but you can whitelist the following controls we load:
For sending requests, you’ll want to whitelist scripts and ajax calls
Do you run certified audits?
We currently do not.
Do you run independent security audits?
Yes, we use Matasano for our independent audits every 6 months.
Do you run background checks on employees?
Does your software run multi-tenant?
Where is your source code hosted?
How long is data stored?
Indefinitely in Amazon s3, but it’s not stored or accessible anywhere else.
For enterprise customers we can set custom data retention policies.
What level of encrypted connections do you support?
In general, we try to use the most updated versions set up as part of the ELB security policy.
Is a documented data breach notification process in place?
Yes. If we find there is a data breach, we will immediately alert all affected customers via email once the breach has been patched. At that time, we will also reset any passwords or sensitive credentials which may have been leaked as part of the breach.
Is a documented data retention/disposal policy in place?
Unless otherwise specified, we keep customer data indefinitely. It’s possible to ask for expirations as part of our enterprise plans. We don’t have official relationships with sub-vendors for their data retention.
Are Disaster Recovery Plans / Business Continuity Plans updated and tested at least annually?
We’re currently formulating our disaster recovery plan. That being said, we make hourly backups of our database, replicate our servers across multiple availability zones and keep snapshots of the data in multiple s3 buckets.