Amplitude’s security program governance is modeled to support ISO 27001/2 ISMS requirements, and the needs and requirements of our customers. We provide a secure platform, while addressing all relevant legal, industry, and regulatory concerns.
Our core principles for information security are:
- To maintain a feature-rich, highly secure platform
- To address our customers’ security needs and compliance mandates
- To operate our platform safely and reliably
Core Principle – Maintain a Feature-Rich, Highly Secure Platform
We weave security into every aspect of our product life cycle (cradle-to-grave).
Our software development lifecycle (SDLC) ensures that all code undergoes automated and manual security review by embedded security tools and personnel experienced and trained in secure coding techniques. No code can be promoted into production without full testing. We provide relevant training on an ongoing basis, based on the results of external code reviews. Old code is retired regularly, avoiding the accumulation of unnecessary legacy code which can otherwise harm the security and reliability of the platform.
Amplitude also maintains a private bug bounty program with HackerOne, providing us with valuable, ongoing feedback from the security researcher community.
Our cloud operations are embedded in an established, large, secure cloud environment (Amazon AWS), across multiple availability zones, ensuring a solid foundation for security and reliability. We make use of available security features such as virtual private clouds (VPCs), and layer on additional controls within our virtual environment. Examples include system hardening with industry-established benchmarks from CIS with automated compliance checks, centralized security event management via a 24x7x365 SOC, use of strong encryption and key management tools, recurring vulnerability testing, centralized and automated configuration management, enforcement of multi-factor authentication for all internal access, and more. Taking advantage of virtualization also allows us to keep our systems patched as a matter of course, as part of their typically short (hours or days) lifecycle.
Core Principle – Address Customers’ Security Needs and Compliance Mandates
Amplitude knows that many of our customers have explicit requirements tied to rules, laws, regulations, and industry security standards and compliance programs. While Amazon, our cloud provider, offers a host of compliance certifications, these cover only the network infrastructure and data centers (IaaS components).
We realize that we need to go far beyond that in order to satisfy the needs of our customers. To that end, Amplitude has chosen to adopt a number of compliance programs that cover its own operations within the cloud. Through those programs, we can ensure that your use of Amplitude will not put your data and compliance requirements at risk.
Core Principle – Operate our Platform Safely and Reliably
At Amplitude, we recognize that security is not just about well-designed technical security controls – secure environment management is also critically important. We consider security operations a mission-critical aspect of our security program.
Amplitude relies on a mix of internal and external audits, automated and manual in-depth testing of all platform components, and a comprehensive approach towards managing security alerts and events to ensure that our controls are performing as they should. Role segregation ensures that only necessary personnel have access to sensitive data. Recurring, role-based training is used to maintain awareness of security within Amplitude’s culture.
Security is more than a set of technical controls – we know that to operate our platform securely, we must also keep our people and our processes in mind. As our customer, you want more than a list of certifications and the technology vendors we use, and we aim to provide that.
Shared Responsibility Model
Like Amazon, Amplitude is responsible for maintaining a secure platform, managing all aspects of the platform to a high, secure, reliable standard; as our customer, you are responsible for using the Amplitude platform in a legal and responsible manner.
It is important to understand that Amplitude, as a platform, has certain attributes that you, as our customer, must take into account when using it:
Amplitude is data-neutral – we do not know what data you choose to send to our platform. If our engine can process it, then it will, but there is no inspection or monitoring by Amplitude of the underlying data payloads. Amplitude does not make any data-based decisions other than following your instructions as you configure the platform to perform your desired operations.
Amplitude is also data-agnostic – Amplitude will take no action based on the nature of any particular data or its classification. All incoming data is dealt with identically. To support precision ingestion, Amplitude can provide customers an optional Taxonomy add-on, which allows administrators to clearly define which data elements they wish the platform to ingest and process (analytics white-list engine). Data elements that do not conform to the defined specification will be automatically discarded. With Taxonomy, customers can be confident that Amplitude will only process their approved data elements, and unapproved data will be blocked even if their application attempts to send it due to configuration or programming errors.
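The allow-list behaviour described above, as an added illustration that is not Amplitude's own Taxonomy implementation: administrators declare the event types and properties the platform may ingest, undefined event types are dropped whole, and undefined or mistyped properties are stripped so that a field sent by a programming error never reaches processing. The taxonomy, property names and sample events are constructed for the example.

```python
# Allow-list ("taxonomy") filter for analytics event ingestion.
# Added example, not Amplitude's code: models the behaviour described above,
# where only administrator-defined data elements are ingested and the rest
# are discarded. All names, types and sample events here are constructed.
# Constructed taxonomy: allowed event types and, per type, the allowed
# properties with the Python type each value must have.
TAXONOMY = {
    "signup_completed": {"plan": str, "referrer": str},
    "purchase": {"sku": str, "amount_cents": int},
}


def filter_event(event, taxonomy=TAXONOMY):
    """Return (cleaned event or None, rejection reasons): undefined event types
    are dropped whole; undefined or mistyped properties are stripped."""
    event_type = event.get("event_type")
    spec = taxonomy.get(event_type)
    if spec is None:
        return None, [f"event_type {event_type!r} not in taxonomy"]
    clean, reasons = {"event_type": event_type, "properties": {}}, []
    for name, value in event.get("properties", {}).items():
        expected = spec.get(name)
        if expected is None:
            reasons.append(f"{event_type}.{name}: not in taxonomy")
        # bool is a subclass of int in Python, so reject it explicitly for int fields
        elif not isinstance(value, expected) or (expected is int and isinstance(value, bool)):
            reasons.append(f"{event_type}.{name}: expected {expected.__name__}")
        else:
            clean["properties"][name] = value
    return clean, reasons


def ingest(events, taxonomy=TAXONOMY):
    """Apply the taxonomy to a batch; return (accepted events, rejection log)."""
    accepted, log = [], []
    for ev in events:
        clean, reasons = filter_event(ev, taxonomy)
        log.extend(reasons)
        if clean is not None:
            accepted.append(clean)
    return accepted, log


# Constructed batch: a clean event, one carrying a stray field sent by
# mistake plus a mistyped one, and an event type nobody defined.
SAMPLE_EVENTS = [
    {"event_type": "purchase", "properties": {"sku": "A-1", "amount_cents": 1999}},
    {"event_type": "signup_completed",
     "properties": {"plan": "pro", "email": "x@example.com", "referrer": 42}},
    {"event_type": "debug_dump", "properties": {"payload": "..."}},
]
```

Running `ingest(SAMPLE_EVENTS)` accepts two events and logs three discarded elements; the rejection log is what an administrator would review to find the application-side configuration or programming error.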