Security
Caching Layer
Explo’s caching layer brings customer data into an in-memory cache to further improve the product experience. Depending on which data connector your workspace uses, Explo will either use Heroku Shield Redis or Apache Ignite.
Both of these technologies are aligned to ensure that Explo upholds our SOC 2 Type 2 accreditation and HIPAA compliance. If you are using our new data connector (FIDO), then you are using Apache Ignite.
Redis FAQs
- Redis is an ephemeral data storage, meaning the data is only held temporarily
- Our Redis is deployed on Heroku Shield, which is a managed Redis service
Apache Ignite FAQs
- Apache Ignite is an open source project (Github can be found here)
- Explo is only using Ignite’s default setting, which operates in a pure in-memory mode
- Our Apache Ignite is deployed in our AWS ECS clusters
General Cache FAQs
- Certified to handle
PHI
,PII
, andHIPAA
data - The data is only held in memory and not written to disk, so the data is never stored
- All communication channels with the cache are fully encrypted
- How long the data is held is memory is configurable in the application
Compliance
- Customers are able to opt-out of using our cache
- It is recommended for a better experience, but it is not required
- Explo’s Privacy Policy, HIPAA Breach Notification Policy, and Incident Response Plan HIPAA Addendum with Breach Notification Procedures are updated to reflect the use of the cache and the ability to opt-out
Is this considered storing data?
No. Data is only held in memory and never written to disk, so the data is never stored in Explo’s systems.