You'll find answers to commonly asked questions about our products/services here. If you can't find the information you're looking for, feel free to contact our support team for further assistance.
Informatica isn't ISO 27001 certified yet, but it's on our roadmap, and we're considering to get certified sooner.
The list of Subprocessors is available at: https://www.informatica.com/legal/informatica-subprocessors.html
Informatica engages a reputable third-party vendor to perform a pentest on its environment annually. Please contact your Informatica account executive for a summary copy of the latest pentest.
Our platform leverages industry-standard encryption practices. This means that customer data is encrypted at rest using an AES-256 key. Data in transit is encrypted using TLS-1.2 or above protocol.
Informatica scans its environment periodically and identified vulnerabilities are patched according to the Security Vulnerability Patching Policy.
Employee background checks are performed before they are onboarded.
Informatica will notify the Customer upon becoming aware of an incident or breach within 72 hours through the agreed-upon channel specified in the contract.
Please send an email to Security@informatica.com.
For more information on Informatica's Service Level Commitment, please visit:
https://www.informatica.com/content/dam/informatica-com/en/docs/legal/service-level-commitment.pdf
Training and Awareness for Compliance and Privacy is conducted for all employees during on-boarding and annually thereafter.
The privacy policies are reviewed annually. Our external privacy policy can be found at Informatica Privacy Policy.
Informatica maintains information security liability insurance or errors & omissions insurance covering liability for Security Incidents. Cyber Insurance is available for download in the Security Tab of the Trust Center Page.
Informatica employs NIST 800-88 standards for secure data destruction. Informatica will wipe all customer data from Informatica storage locations and provide a written certification of destruction within 60 days.
Informatica's change management is based on the Information Technology Infrastructure Library (ITIL) methodology for IT Service Management best practices. Our operational change management/Change Control policy or program includes Pre-implementation testing, Post-implementation testing, a review for potential security impact, operational impact, communication of changes to all relevant Constituents, Rollback procedures, Documentation, and logging of changes.
Informatica Cloud Solution utilizes a multi-tenant environment, with segregation maintained by the application. Data segregation is achieved using logical database schema.