Security

Totalcloud takes several measures to improve your security. Read below to find out more.

Totalcloud implements best practices to ensure user data security.


Data & Network Security:

Totalcloud does not store any information except for the cost billing reports. The billing reports will also be deleted as soon as the account is deleted and in case your subscription is over, we retain temporarily for 15 days. All the metadata information is fetched & processed in real-time without storing. All sensitive information is transmitted over encrypted channels(TLS/SSL) and HTTPS . Our servers are hosted in AWS's Virtual Private Cloud with strong access controls for network and application level security. 


Data Purge policy: 

All user data are permanently deleted if you delete your Totalcloud account. 


AWS Access Methodology:

  • We support only Cross-Account Access method to connect to your AWS acccount. Cross-Account access method is the industry standard & most secure methodology to provide access to 3rd party vendors.
  • IAM Permission policy

         ReadOnlyAccess:  Monitoring, Cost analysis, Insights and Compliance feature would require this access permission to retrieve information.

         CustomAccess(Optional):  User can provide custom write permissions to specific resource and operations based on user's requirement. We provide full flexibility in configuring your permissions for operations and Automation. This is optional.         

  • All credentials and password are uniquely salted and strong hashed and cannot be retrieved by anyone including Totalcloud staff.
  •  Where ever required credentials (like secret keys) are one way functions and can only be overridden by the user and not retrieved.


For more information and suggestions, please contact us at cloud@totalcloud.io

Get Started with a free account

FOLLOW US