We take our relationship seriously. These are measures and policies Shake Technologies, Inc. sticks to in order to keep your data private.
Yes, your data. Unlike others, we don’t claim any ownership over it. We host it to provide you our brilliant service on top of it, just like a bank provides and protects your safe deposit box without owning its contents.
Shake is 100% hosted on Amazon Web Services, a world leader in compliance with the latest security best practices, including the Privacy Shield. All your data is in Amazon’s private data center in Frankfurt, Germany, European Union eu-central-1.
Data is encrypted
Your data in transit is encrypted using secure TLS cryptographic protocols. It’s then stored in PostgreSQL and ElasticSearch on AWS Elastic Block Store disks, both of which are encrypted at rest using AES with a 256-bit key.
Even the basic data our systems are required to have can not be accessed unless formally requested by you. Then, only one of the authorized in-house employees — audited on a regular basis — could be granted an access to assist you.
Disable at the source
Shake reports non-personally identifiable info but you can customize it to report truly anything, for example during internal testing. Use .setNetworkRequestsFilter() to redact private info on devices so it never leaves the source.
We commission security experts to perform pen tests on Shake to find our vulnerabilities. Those are then prioritized and diligently patched.
No credit card data
The best way we can protect your credit card info is to not get it at all. If you decide to upgrade, you will do so through a secure payment processor Stripe.
ISO 27001, ISO 27017 and ISO 27018
Shake data centers are compliant with ISO 27001, ISO 27017 and ISO 27018 certifications. These widely-recognized international security standards cover the systems, applications, people, technology, policies, procedures and data centers serving customers. Our hosting provider Amazon Web Services (AWS) has achieved all three of these certificates. AWS’s ISO 27001 defines how AWS perpetually manages security in a holistic, comprehensive manner. The ISO 27017 certification provides guidance on the information security aspects of cloud computing. ISO 27018 governs protection of personally identifiable information (PII) in the cloud.
SSAE 16 / ISAE 3402 Type II: SOC 1, SOC 2 and SOC 3
Shake data centers are compliant with SOC 1, SOC 2 and SOC 3 certifications. The purpose of SOC standards is to provide confidence and peace of mind for organizations when they engage third-party vendors. A SOC-certified organization has been audited by an independent certified public accountant who determined the firm has the appropriate SOC safeguards and procedures in place. Our hosting provider Amazon Web Services (AWS) has achieved SOC 3 certification and its public report can be downloaded here.
We have added functional enhancements to the Shake platform and prepared detailed documentation to make sure that you as a data controller can feel totally confident using Shake and fulfilling your obligations under GDPR. All the details are available in our Data Processing Agreement.
Shake collects, processes, stores, and uses personal data in compliance with the requirements of the California Consumer Privacy Act (CCPA). We never share or sell personal data for non-Shake purposes under the CCPA. Find more information in our Data Processing Agreement.
Our offices have 24-hour security personnel on site, cameras, visitor logs and smart card door entry requirements.
Agreements and courses
Our non-disclosures, training courses and security guidelines guide our entire team in making the right security decisions.
Principle of least privilege
Shake audits data access regularly so that employees only have the permissions necessary to do their jobs.
Access to an AWS account is strictly limited. Additionally, IDS and firewalls are set up at the edge locations.
To ensure business continuity in case of disaster, critical data is always backed up and moved to a different account.
Scalability and high availability
Through a multi-availability zone, we are able to maintain Shake functionality even if an entire zone fails.