ColdPlane

Security

How we keep your archived data safe and secure.

Encryption at Rest

All archived data is encrypted with AES-256 using unique per-backup encryption keys managed by AWS.

Encryption in Transit

All data transfers use TLS encryption. API communication and data uploads are encrypted end-to-end.

AWS Infrastructure

Built entirely on managed AWS services with no self-managed servers to patch or secure.

Access Controls

Authentication via JWT tokens and API key support. Role-based access for team plans.

Query Security

Queries are executed in isolated serverless environments with strict guardrails: SQL validation blocks dangerous operations, scan limits prevent runaway queries, and results are size-capped. Data is decrypted only in memory during query execution and never persisted in plaintext.

Compliance Roadmap

ColdPlane is built on secure, compliant AWS services and designed to support audit and retention requirements. We do not currently hold SOC 2, HIPAA, or ISO 27001 certifications but these are on our roadmap. If certifications are critical for your organization, contact us to discuss timelines.