Overview
The need to keep data secure is a paramount concern for most companies, not only because it is a valuable asset, but because of the legal issues around customer privacy.
The davinci platform is designed from the ground up to be secure. Data is securely downloaded to the user's browser after the user is authenticated, and discarded when the browser is closed. Any data that the user chooses to store on the davinci servers is encrypted and given an obfuscated id.
Linked Data
Linked data is data that is loaded into a workspace or page by connecting to a URL and downloading the data from that URL. The data is not embedded, and will not be saved with the workspace or page. This means that the data will be re-loaded whenever the workspace/page is reloaded.
Security is managed on linked data by a series of authentication tokens. Users set up their authentication tokens in the profile app. When a user connects to a server in order to download data, the browser sends the relevant authentication tokens to the server along with the data request. This securely identifies the user to the data server.
Linked data is discarded from the browser when the user closes the browser.
Embedded Data
Embedded data is data is uploaded into a desktop or page and is embedded directly into the page. Data that is loaded into the browser from the hard drive are embedded in the page, otherwise, data is only embeded if the user chooses to embed it.
While the workspace/page is being held in computer memory, it is secure. Once the user saves the workspace/page, the data is only as secure as the location where the user saved the workspace/page
Any workspaces/pages saved to the davinci server are first encrypted and then saved to our secure database. workspaces/pages saved to the local hard drive or to a third party server, the security is then managed by the administrator of the local machine or the third party server.
Additional Data Security Options
The davinci architecture makes it easy to implement additional layers of security on your data.
- Constrained by IP - data can be refused to be served based on the IP address of the user requesting the data. Additionally, the data can pruned or other transformed based on the IP.
- User Constrained Data - enables a data server to stream only the data that the given user is authorized to view. That is, data servers can be configured to removed data from the results of a data request based on the user requesting the data
See Security Configurations