1. How can I secure my Appranix account?
2. How safe is my account data with Appranix?
SOC 2 Type II Compliance: Appranix is a SOC 2 Type II Compliant organization. Developed by the American Institute of CPAs (AICPA), SOC 2 Type defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy. This certification ensures that the company follows strict security practices and controls to safeguard customer data.
Data Protection and Account Permission: Appranix does not copy and move your application data to a proprietary data management system or to Appranix controlled cloud service. All of your data remains securely stored within your own cloud account.
3. Is there a way to limit a user's cloud account permissions provided to Appranix?
Yes, Appranix offers a feature called IAM Permission Manager that allows you to control and limit the cloud account permissions provided to Appranix.
The IAM Permission Manager in Appranix enables users to manage and customize the permission that needs to be provided for Appranix. The permissions are grouped into four categories. They are,
Discovery
Protection
Recovery
Reset
Discovery permission will be used for discovering all your cloud resources. After discovering all the resources will be listed in the Cloud Connection summary page. For this, Appranix requires only the read permission for all your resources.
Protection permission will be used for protecting your cloud resources. Since Appranix uses snapshots to protect the resources, it requires create snapshot and related permission for all your cloud resources.
Recovery permission will be used for recreating all your protected cloud resources in the recovery region. For this operation, Appranix gets resource creation permission in your cloud account.
Reset permission will be used for deleting all the recovered cloud resources during Appranix recovery operation. For this, Appranix requires resource deletion permission in your cloud account. If needed, this can be disabled in the granular level permission page(refer to the link below) and the customer can take care of the deletion of the recovered resources on their own.
For more details, https://support.appranix.com/portal/en/kb/articles/appranix-granular-level-permission-feature-guide
4. Is there a way to access Appranix capabilities without providing delete permission to Appranix?
Yes, it is possible to access Appranix capabilities without granting delete permissions to the platform. However, it's important to note that if a resource is recovered by Appranix, the manual deletion of that resource is required within the user's cloud account and it has to be taken care by the customer.