Security and compliance at Make
Join 500,000+ Makers around the world who trust Make to keep their data safe and secure.
Highly secure and reliable visual automation
Strict vulnerability management processes to identify and resolve threats. Regular penetration testing by independent third parties to ensure that our platform is safe and secure.
Robust access control measures. Our hosting environment is only accessible from the private network via VPN and does not support direct access from the public internet.
We support single sign-on authentication with Google, Facebook, and GitHub. Advanced role and team management functions within an organization's profile. Enterprise customers have the option to use their own SSO implementation. If you want to find out more: Talk to sales.
Our cluster is deployed over two zones to guarantee availability. Our infrastructure resides within Amazon AWS EC2 private instances (Amazon VPC) with Amazon Enterprise support in place. Learn more about AWS security here.
Our developers adhere to coding standards in accordance with the Open Web Application Security Project (OWASP). Static Application Security Testing (SAST) is also in place to improve Make’s Software Development Life Cycle (SDLC).
We are committed to protecting our customers' data and employ advanced security practices to keep data safe and secure. By default, log data is stored for 30 days. In our Enterprise Plan, we also offer the ability to store data for an extended period. If you want to find out more: Talk to sales.
Every connection between Make and a third-party service provider is established in the most secure available way. In some cases (e.g. FTP, databases), customers have the option to manually set the security level. We secure our network communication with TLS version 1.2 and 1.3 using AES 256 encryption.
All passwords are stored in an encrypted format and can’t be reproduced by anyone - not even Make employees. We use full-disk encryption within the industry-standard AES-256 encryption algorithm and AWS Key Management Service (KMS) for managing cryptographic keys.
Make Enterprise by Celonis fulfills the highest security and compliance standards. Our Enterprise platform runs in a separately managed AWS environment where you are physically and logically isolated from the self-service cloud customers. As an Enterprise Plan customer, you will enjoy a 99.5% Cloud Service Uptime and our Enterprise Customer Support Services with defined Customer Support Service SLAs.
We operate under an information security program that is aligned with ISO 27001 standards and runs within an infrastructure compliant with SOC2.
Industry best practices and standards
We are committed to maintaining the highest security and compliance standards to keep your data secure and confidential.
Learn about our approach to application security, access control, customer data security, and more.