MigrateClouds
Docs
Docs
Security

Security

Learn about MigrateClouds' security features and best practices for keeping your data safe.

Security is our priority

MigrateClouds takes security seriously. We follow industry best practices to protect your data and provide tools for you to maintain control over your information.

Data Protection

Your data is encrypted in transit and at rest. We use industry-standard encryption protocols to ensure your information remains secure.

Access Control

Granular permissions and role-based access control allow you to determine who can access your data and what actions they can perform.

Authentication

Multi-factor authentication and secure login options help protect your account from unauthorized access.

Data Encryption

MigrateClouds uses industry-standard encryption to protect your data:

  • In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.3.
  • At Rest: Your data is encrypted at rest using AES-256 encryption.
  • Key Management: Encryption keys are securely managed and rotated regularly.

We never store your cloud service credentials. Instead, we use OAuth tokens that can be revoked at any time.

Authentication & Access Control

Multi-Factor Authentication (MFA)

We strongly recommend enabling MFA for your MigrateClouds account. You can set this up in your account settings:

  1. Go to Settings → Security
  2. Click "Enable Two-Factor Authentication"
  3. Follow the prompts to set up an authenticator app

API Keys

When using API keys, follow these best practices:

  • Create separate API keys for different applications or services
  • Use the principle of least privilege - only grant the permissions needed
  • Regularly rotate your API keys
  • Never hardcode API keys in your source code or commit them to version control

Role-Based Access Control

Enterprise plans include role-based access control, allowing you to:

  • Create custom roles with specific permissions
  • Assign users to roles appropriate for their job function
  • Implement the principle of least privilege
  • Audit user actions and access

Compliance

MigrateClouds is designed to help you meet your compliance requirements:

  • GDPR: We provide tools to help you comply with GDPR requirements, including data export and deletion capabilities.
  • SOC 2: Our infrastructure and processes are SOC 2 Type II certified.
  • HIPAA: Enterprise plans include features to help with HIPAA compliance.
  • Data Residency: Enterprise plans offer data residency options for organizations with specific geographic requirements.

Security Best Practices

Account Security

  • Use a strong, unique password for your MigrateClouds account
  • Enable multi-factor authentication
  • Regularly review connected applications and revoke access for unused services
  • Monitor account activity for suspicious behavior

Data Security

  • Be cautious when transferring sensitive data
  • Use folder permissions to restrict access to sensitive files
  • Regularly audit file access and sharing settings
  • Consider encrypting highly sensitive files before uploading them

API and Integration Security

  • Rotate API keys regularly
  • Use webhook signatures to verify webhook requests
  • Implement proper error handling in your integrations
  • Follow the principle of least privilege when granting permissions

Security Reporting

If you discover a security vulnerability in MigrateClouds, please report it to us immediately at [email protected].

We have a responsible disclosure policy and will work with you to address any issues promptly.

Security resources

For more information about our security practices, please see our Security page or contact our security team at [email protected]