Platform Trust

The Informatica Intelligent Data Management Cloud is built with performance, reliability, and security at its core to protect your most valuable asset.

 

view certifications

A holistic approach to security

At Informatica, security is paramount. We are dedicated to safeguarding our data, products and most importantly, our customers’ trust. Our robust security practices are designed to ensure that your valuable data is protected.

Securing customer data is part of our core strategy and values. We built our cloud from the ground up, keeping security as a primary design principle. Our platform includes security features like encryption, access controls, user authentication, audit trails, and automated backups to help ensure the security, integrity, and availability of your data.

Our platform leverages industry standard encryption practices. This means that customer data is encrypted at rest using an AES-256 key. Data in transit is encrypted using TLS-1.2 or greater protocol.

IDMC is a multi-tenant environment, which hosts customer instances in a dedicated “private” environment using the public cloud. Our multi-tenant architecture ensures that each customer’s data is segregated from all other tenants and is only exposed to authorized users. This means that there is no commingling of customer data. You can check the production status of all publicly hosted Informatica cloud products, including planned maintenance schedules and other updates, at status.informatica.com.

Informatica offers comprehensive support, including training for your team, ongoing maintenance, and troubleshooting to ensure your platform environment operates smoothly.

Our Privacy Policy outlines how we collect and use personal data including the data your users provide while using our online products and services, emphasizing transparency and compliance with relevant data protection laws.

To the full extent permitted by law, we are committed to transparency about government requests for data we process on behalf of our customers. Our latest Transparency Report outlines any history of requests and showcases our dedication to protecting user data including the principles we would follow if we were to receive such a request.

Check the production status of all publicly hosted Informatica cloud products, including planned maintenance schedules and other updates at any time.

view system status

Informatica’s Cloud Security Program

We are committed to continuously earning your trust; that’s why we comply with key standards and regulations in your industries. The Informatica cloud security program is designed to protect you and us from cyber threats, enabling you to take smart risks while maintaining a safe and compliant environment. We start with policies that provide a baseline for us to define standards and to define how we securely operate our cloud infrastructure at scale. We perform continuous audits to ensure that our environment is compliant with applicable standards and regulations.

platform-trust-page-security-diagram

Our global security team is comprised of the following functions:

Office of the CISO

Product Security

Governance, Risk, Compliance & Privacy

Cloud Security Architects

Cloud Security Engineers

Security Operations Center

At Informatica, security is at the forefront of everything we do.

We understand the critical importance of protecting data and ensuring the integrity of our services. We are dedicated to safeguarding our data, products and most importantly, our clients’ trust. Informatica’s robust security practices ensure that your valuable data is protected.

We are committed to providing secure, reliable and high-quality solutions while safeguarding your data.

Binding Corporate Rules

Informatica follows Controller and Process Binding Corporate Rules (BCRs) approved by the European Data Protection Board. These BCRs embody Informatica’s commitment to its employees, business contacts and customers to follow rigorous privacy policies and practices. See “Binding Corporate Rules” link for current copies of the BCRs.

Certifications, assessments, and standards

Consistent with our cloud principles, we hold ourselves accountable to a higher standard. Our commitment to transparency and accountability involves providing executive summaries derived from independent third-party penetration test reports. We continuously add to our list of externally validated certifications, assessments, and standards to keep your data safe, and to ensure we remain a best-in-class cloud service provider.

learn more

Transparency Report

Law Enforcement Requests and Informatica’s Transparency Report – February 23, 2024

This document explains how Informatica responds to governmental requests for data we process on behalf of our customers.

History of Requests:

From January 1, 2017 through the date of publication of this document, Informatica did not receive any search warrants, subpoenas, or national security requests (such as national security letters or Foreign Intelligence Surveillance Act orders) for customer data or metadata.

Encryption of customer data:

All products on Informatica’s Informatica Intelligent Cloud Services platform hosted on Microsoft Azure, Amazon Web Services, Google Cloud Platform, or Oracle Cloud including Cloud Data Integration, Master Data Management (MDM) Cloud, and Data Quality and Governance Cloud, and single-tenant hosted MDM and Product 360, encrypt all customer data and customer-specific metadata in motion (even traffic within a pod) and at rest (at both file and database level). Encryption is continuous from transit out of the customer’s network, within Informatica’s cloud components, and through to delivery to the destination. Encryption in motion uses TLS v1.2 or greater, and encryption at rest uses AES-256. This encryption creates a practical impediment to surveillance of customer data without awareness of Informatica or our customer.

Our response process relies on four principles:
  1. Notice. Informatica notifies the customer whose data or metadata is the subject of the request, except where prohibited by law. Informatica gives this notification promptly and in advance of fulfilling the request except where prohibited by law or in the case of a bona fide emergency.

  2. Validity. Informatica analyzes each request to determine its validity, including the substance of the request and the jurisdictional authority of the government entity, regulator, or law enforcement agency issuing the request.

  3. Challenge. If Informatica concludes that the request itself or an order to delay notice of the request may not be valid, Informatica challenges that request or order.

  4. Limitation. Informatica provides customer data or metadata in response to the request only if required by law. Informatica construes each request narrowly and discloses only the information required.

If you have questions about this Transparency Report, please contact privacy@informatica.com.

Take control of your data today.

book a demo