A holistic approach to security
At Informatica, security is paramount. We are dedicated to safeguarding our data, products and most importantly, our customers’ trust. Our robust security practices are designed to ensure that your valuable data is protected.
Securing customer data is part of our core strategy and values. We built our cloud from the ground up, keeping security as a primary design principle. Our platform includes security features like encryption, access controls, user authentication, audit trails, and automated backups to help ensure the security, integrity, and availability of your data.
Our platform leverages industry standard encryption practices. This means that customer data is encrypted at rest using an AES-256 key. Data in transit is encrypted using TLS-1.2 or greater protocol.
IDMC is a multi-tenant environment, which hosts customer instances in a dedicated “private” environment using the public cloud. Our multi-tenant architecture ensures that each customer’s data is segregated from all other tenants and is only exposed to authorized users. This means that there is no commingling of customer data. You can check the production status of all publicly hosted Informatica cloud products, including planned maintenance schedules and other updates, at status.informatica.com.
Informatica offers comprehensive support, including training for your team, ongoing maintenance, and troubleshooting to ensure your platform environment operates smoothly.
To the full extent permitted by law, we are committed to transparency about government requests for data we process on behalf of our customers. Our latest Transparency Report outlines any history of requests and showcases our dedication to protecting user data including the principles we would follow if we were to receive such a request.
Check the production status of all publicly hosted Informatica cloud products, including planned maintenance schedules and other updates at any time.
Informatica’s Cloud Security Program
We are committed to continuously earning your trust; that’s why we comply with key standards and regulations in your industries. The Informatica cloud security program is designed to protect you and us from cyber threats, enabling you to take smart risks while maintaining a safe and compliant environment. We start with policies that provide a baseline for us to define standards and to define how we securely operate our cloud infrastructure at scale. We perform continuous audits to ensure that our environment is compliant with applicable standards and regulations.
Our global security team is comprised of the following functions:
Office of the CISO
Governance, Risk, Compliance & Privacy
Cloud Security Architects
Cloud Security Engineers
Security Operations Center
At Informatica, security is at the forefront of everything we do.
We understand the critical importance of protecting data and ensuring the integrity of our services. We are dedicated to safeguarding our data, products and most importantly, our clients’ trust. Informatica’s robust security practices ensure that your valuable data is protected.
We are committed to providing secure, reliable and high-quality solutions while safeguarding your data.
At Informatica, we understand the importance of trust and security in everything we do. Our Trust Center is dedicated to providing you with comprehensive information about how we safeguard your data, protect your privacy, and ensure the security of our services.
Certifications, assessments, and standards
Consistent with our cloud principles, we hold ourselves accountable to a higher standard. Our commitment to transparency and accountability involves providing executive summaries derived from independent third-party penetration test reports. We continuously add to our list of externally validated certifications, assessments, and standards to keep your data safe, and to ensure we remain a best-in-class cloud service provider.
Law Enforcement Requests and Informatica’s Transparency Report – February 23, 2024
This document explains how Informatica responds to governmental requests for data we process on behalf of our customers.
History of Requests:
From January 1, 2017 through the date of publication of this document, Informatica did not receive any search warrants, subpoenas, or national security requests (such as national security letters or Foreign Intelligence Surveillance Act orders) for customer data or metadata.
Encryption of customer data:
All products on Informatica’s Informatica Intelligent Cloud Services platform hosted on Microsoft Azure, Amazon Web Services, Google Cloud Platform, or Oracle Cloud including Cloud Data Integration, Master Data Management (MDM) Cloud, and Data Quality and Governance Cloud, and single-tenant hosted MDM and Product 360, encrypt all customer data and customer-specific metadata in motion (even traffic within a pod) and at rest (at both file and database level). Encryption is continuous from transit out of the customer’s network, within Informatica’s cloud components, and through to delivery to the destination. Encryption in motion uses TLS v1.2 or greater, and encryption at rest uses AES-256. This encryption creates a practical impediment to surveillance of customer data without awareness of Informatica or our customer.
Our response process relies on four principles:
Notice. Informatica notifies the customer whose data or metadata is the subject of the request, except where prohibited by law. Informatica gives this notification promptly and in advance of fulfilling the request except where prohibited by law or in the case of a bona fide emergency.
Validity. Informatica analyzes each request to determine its validity, including the substance of the request and the jurisdictional authority of the government entity, regulator, or law enforcement agency issuing the request.
Challenge. If Informatica concludes that the request itself or an order to delay notice of the request may not be valid, Informatica challenges that request or order.
Limitation. Informatica provides customer data or metadata in response to the request only if required by law. Informatica construes each request narrowly and discloses only the information required.
If you have questions about this Transparency Report, please contact email@example.com.