Auvik Security

Auvik’s network monitoring and management system is built
with security and privacy first.

Have questions? Our team is here to help.

Secure architecture

Auvik’s cloud-based software is purpose-built for the cloud following industry best practices of secure data collection and storage. Auvik servers use an industry standard four-tier architecture, with security protocols at every layer. This architecture includes:

Data isolation:

When the Auvik collector is installed on a network, it’s uniquely configured to be associated with only one account. As data from the collector reaches the Auvik system, it’s partitioned in such a way that it cannot cross from one account to another.

Encryption:

Auvik leverages AES-256 encryption for data at rest, and all communications between the Auvik collector and the cloud require a minimum of TLS v1.2 encryption.

Access control:

Systems holding customer data can only be accessed by authorized personnel through controlled mechanisms.

Secure agent

Auvik’s agent, known as the collector, is a piece of code that uses industry standard protocols to gather information about a network, such as topology details, configurations, and network statistics. The collector summarizes and sends that information to the Auvik servers over encrypted connections.

All collector connections to the cloud are outbound, and encrypted (minimum of TLS v1.2) using certificate authentication to ensure communication is always and only between the collector and Auvik servers.

Secure access

Through a combination of physical and logical security measures detailed below, we’ve made it virtually impossible for non-approved and non-authorized users to access Auvik customer information.

Physical:

Auvik servers are hosted in AWS’ (Amazon Web Services) secure, state-of-the-art data centers that offer:

24-7 security guard protection with electronic surveillance
Multi-factor access control
ISO 27001, ISO 27017, and ISO 27108 data center certification, which undergo regular SOC 2 Type II audits

Logical:

Data housed within Auvik is protected by a number of logical controls, including:

Single Sign On (SSO): Centralized authentication to Auvik leverages SSO capabilities adhering to the SAML 2.0 or OAuth 2.0 industry standards.
Two-factor authentication: Auvik requires two-factor authentication (2FA) for all Auvik users.
Role-based access controls: Auvik offers granular role-based access controls, with preset roles and the ability to add custom roles.

Secure practices

Security isn’t just a department at Auvik—it's ingrained in every process:

Comprehensive security program: Auvk’s security program is built on the Center for Internet Security’s CIS Controls, ensuring that we follow an industry recognized security program that provides security oversight throughout the organization.
Secure coding practices: Auvik’s software is developed and tested following the principles set out in the Open Web Application Security Project (OWASP) Top Ten framework.
Vulnerability management: Auvik tests all code for security vulnerabilities before release, and regularly scans the network and systems for risk. Third party scans are conducted regularly, along with annual external penetration tests against Auvik’s software.
Security monitoring: Auvik’s always-on 24x7 DevOps team is continually monitoring to ensure a strong security posture and a proactive approach to potential threats.
Incident management: Auvik’s Security Incident Response Team (SIRT) ensures the incident management process is always up to date, and processes are followed to the letter.
Security awareness training: Security starts with everyone. At Auvik, our program includes quarterly training, ensuring that all employees understand the importance of security and how it intertwines with their workday.

Compliance

At Auvik,our users’ right to data privacy and protection is paramount. The Auvik platform doesn’t collect and process personal user information beyond what’s required for administering the platform. Learn more about Auvik’s compliance program.