Securing your Data Services (Members, Teams, Permissions & Service Account Keys)

Ascend high-level architecture

Ascend is a SaaS offering that runs in a native cloud environment (AWS, Azure, and GCP) as a private and isolated (single-tenant) deployment. Ascend employs a microservices architecture built on Kubernetes & Apache Spark composed of multiple cloud-hosted Kubernetes clusters designed for on-demand processing at near-limitless scale. This is not a multi-tenant architecture and data is not shared between tenant environments.

Summary of Security Features

Ascend provides industry-leading features that ensure the highest levels of security for your account and data, as well as all the data you store in Ascend.

The following provides a high-level summary of the features, grouped into the following categories:

Data and User Security

Network and Site Access

  • All network connections are secured with TLS 1.2+
  • Service-based Certs & ACLs
  • IP-based access restrictions for Ascend UI/API (Enterprise only)
  • Private/internal data source connections:
    • Reverse SSH
    • SSH Gateway
    • VPN using IPSEC
    • VPC Peering
    • VPC PrivateLink Gateway

Compliance and Validations

  • Annual 3rd Party Penetration Tests & Audit
  • HIPAA compliant
  • SOC 2 Type I Compliance

Deployment Models

Ascend Hosted

For ease of operations, Ascend can host your environment in an Ascend-owned cloud account. You may still request a specific cloud and region for deployment.

In this deployment model, the environment Control Plane and Data Plane both live in an Ascend cloud account, but is still maintained as a single-tenant deployment.

Customer Hosted (Ascend Standard)

This is Ascend's "Standard" method of deployment in which Ascend deploys your environment into a cloud account that you own. This enables you to meet additional security and compliance restrictions, as well as take advantage of existing cloud commitments and discounts.

Note: this deployment model is required if you want to use the Enterprise Security package.

Enterprise Security (Ascend Enterprise)

In a Customer Hosted Standard deployment, you may upgrade to the Enterprise Security package in order to use enhanced capabilities for securing to meet compliance requirements, as well as connecting your environment with additional parts of your infrastructure.

In Customer Hosted deployments (with or without Enterprise Security), Ascend will still manage the operations of your environment infrastructure (including infrastructure maintenance/upgrades, security patches, and software deployments).

3rd party security assessments

Ascend performs annual pen tests with 3rd party firms.

Incident management process

Senior Management maintains and communicates incident and breach response policies to Company personnel. Employees are trained during the initial on-boarding process about the procedures for identifying and reporting incidents. Internal monitoring tools are configured to notify and alert the Engineering team of security and availability events that require investigation and/or resolution.

Notifications and alerts come from various channels that include customer support, automated security scans, monitoring, and logging tools. In order to ensure that incident response is consistent and proper, incident response procedures are documented internally, accessible within Ascend as a reference guide. Depending on the severity of the incident, communication is established between Senior Management, Engineering, and Security. Ascend performs post-mortems to assess and remediate the root cause of these incidents.

To ensure protection with vendors related to security incidents, data protection agreements are required with applicable vendors and they must inform Ascend of any breach or security incident impacting the Platform or its customers. Ascend customers are notified directly via email of any identified security breaches impacting their systems.

Business Continuity Plan and Disaster Recovery program

Ascend has designed and configured the Platform for regional high availability and redundancy. Environment data is backed by the durability guarantees of highly redundant systems such as GCS, S3, and Azure Blob Store. Regular snapshots of production databases are configured to be taken nightly and stored encrypted at-rest using standard AES-256 encryption. Ascend performs restoration tests at least annually to ensure data can be recovered from backups and ensure continuity.

Operations, Engineering, and Security teams maintain a disaster recovery plan and exercises it at least annually. Testing is done to ensure that recovery procedures work as intended. Restoration procedures for backups are performed and tested annually.

Ascend deploys a multi-AZ infrastructure for all real-time services, while asynchronous computation services are deployed in a single-zone cluster (optimized for cost and infrastructure packing efficiency). In the unlikely event that there is a geographic event affecting one datacenter, you will not lose access to interactive services.

3rd party vendor management

Ascend management performs a review of third-party vendors and business associates that will have access to production systems or data to ensure the protection of customer data and Ascend systems. Prior to engaging with a potential vendor, the first step requires that Ascend personnel seeking to engage with a vendor check their references and assess whether the vendor is a fit. The second step is to collect relevant security documentation and certification reports from the vendor and identify areas where their controls do not align with Ascend security and privacy policies. The third step is to perform research to ascertain if the vendor has a history of customer complaints or issues with delivering services such that its reputation is under risk.

Before beginning a third-party relationship, management will assess risk related to the relationship being contemplated. The planning includes, but is not limited to, (1) assessing the extent to which the relationship complements Ascend’s business objectives, philosophy, and long-term goals, (2) comparing the risks and benefits of outsourcing business functions with the risks and benefits of maintaining those functions in-house (3) assessing expertise to manage and monitor the relationship and (4) determining an exit strategy to plan for the contingency of exiting the relationship if it becomes necessary to change course in the future.

3rd parties providing services

  • Cloud Vendors: AWS, Azure, GCP
  • Monitoring providers: Sumo Logic, OpsGenie
    All providers have the same, or greater SOC 2 TYPE 2 certifications. Per HIPAA requirements, we instantiate BAA's with all vendors who handle customer data.

Background checks on employees and contract licensed agents

Background checks are performed before employees join Ascend and cover criminal history, sex offender status, and global watchlist.

Employees in their first week must read and sign Ascend’s Infosec policy and go through HIPAA training. The Infosec policy covers security policies for both digital and physical environments.

Separation of data

The Ascend architecture provides each customer their own deployment in a fully isolated cloud account with no shared resources or access.

Employee and 3rd party service provider/contractor access to data

Similar to other cloud services (e.g. AWS, GCP, Box, Salesforce), certain Ascend employees (no 3rd parties) have access to the customer environment which stores data, which may contain PII/PHI data (if it were uploaded to the system). Access is limited to those necessary to ensure the service is available, up to date, and meeting customer expectations.

Level of logging per environment

Logs are retained for 90 or more days for all systems, but log data can be made available upon request if necessary. Additionally, Ascend offers a security suite that includes monitoring, notification, and audit capabilities that allow customers to record all user and system activity in their own independent systems.

Single Sign On

Ascend supports OAuth2 SSO providers. We also provide a variety of security control measures inside of the product to limit user (ie, your users) access to only appropriate data. This allows you to easily segment data and dataflow access by role or group within your organization while supporting cross-team workflows.

Regular maintenance windows

Ascend is designed for 24/7/365 uptime, and as a result we do not have regular maintenance windows that impact the service.

Uptime service level

Ascend's front-end (UI/API) uptime SLA is 99.9%

We ensure HA at a number of layers in our technology:

  • Ascend runs the control plane components of our systems in multiple availability zones, which are resilient to the loss of any AZ.
  • Ascend data storage uses cloud object stores (S3, GCS, etc) which all provide high data durability (99.999999999% or higher).
  • Our infrastructure runs on Kubernetes (across these AZs) and are resilient to the loss of any (or many) underlying servers.
  • Ascend databases all have hot standbys, in a different AZ, with auto-failover. Additionally, databases take daily snapshots.

Data Garbage Collection & Retention Periods

Expired and replaced data (previous versions of data partitions) are by default retained for 24 hours after they are no longer in use, after which it is garbage collected and permanently deleted. Customers may request for a different retention period if required. Active data will continue to be stored as a dataflow dependency.

Termination of service

If service is terminated, users are able to copy / replicate their data. Data is stored in snappy.parquet files, but users can select other formats such as CSV, TSV, JSON, etc.