1010data uses a risk-based approach in providing whatever level of security is appropriate, reasonable, and cost-effective for protecting your data, consistent with your regulatory and compliance regime (up to HIPAA-grade security.) Our baseline offering puts equipment in data centers with top grade environment and physical security, and above that adds excellent network and platform security and supplemental security controls when needed. Logical and physical access is limited to those specific, designated, trustworthy people who need it, and can be restricted to specific tables and rows containing only certain values in certain columns. Regular collaboration means we typically know our customers, and advise them on reducing risk by good data design (such as deidentifying or not even storing risky data with low analytical value.) We use strong cryptography to protect interactive sessions, and ensure confidentiality and integrity of data in transit and in archival storage. Data access can be limited to users on a customer's network, and we allow customers to substantially manage and log their users’ access to data.