Back to Blog

Securely handling your data in SaaS

Sasha Hayden

Posted on 18th February 2021

We are excited to be releasing the first of many SaaS products from DeltaXML in the next few weeks. Our SaaS products operate on your data and will provide results that show how your data changes or how we have processed your changes in operations such as merge or graft. With the launch of DeltaJSON SaaS our customers will manage change in JSON files using a flexible web-based GUI, building functions into code with the REST API, or even access the software with applications such as Postman.

Secure data is important

Using any SaaS system raises questions about data security, confidentiality or data protection regulations. We want our customers using DeltaJSON SaaS to feel secure in the knowledge we take our responsibilities seriously. The security of your data is important to us, so we’ve answered the most common key questions below.

(To be clear, when we talk about data we mean the data you process in DeltaJSON and fragments of that data in the results.)

Is data transfer secure?

YES. Your data is encrypted when transferred to DeltaJSON and using our REST API requires additional authorisation headers. We allow HTTPS secure connections only.

Do you routinely store data?

NO. Calls to DeltaJSON where results are returned after processing (synchronous calls) are not stored.

What about jobs data?

YES, but you have complete control. When DeltaJSON is used to process many datasets (asynchronous), we encrypt the stored results. This result data is deleted after 1hr, or can be deleted immediately by sending a command. We never copy or process the results data elsewhere, i.e. backups.

Logging performance

We want our customers to receive an exceptional experience from our systems, so we are always monitoring performance of DeltaJSON. This means we log information to improve performance and help us resolve bugs customers might experience. Transparency is the cornerstone of trust between our customers and DeltaXML, so here is the system information we log:

Date timeWhen a DeltaJSON function is used, this helps us plan resources for peak traffic.
Processing timeHow to plan and deploy our resources to maintain performance.
Data sizeHow to plan and deploy our resources to maintain performance.
FunctionFunctions (Compare / Graft / Patch) tell us which are the most popular and useful for our customers.
IP AddressUseful for security when combating attacks on our system or misuse.
SourceHow customers use DeltaJSON, i.e. from the web GUI, or from within code, or perhaps from a popular application like Postman.

If you have any questions or concerns, please get in touch.