
Data Security and Privacy in clariBI

Updated February 11, 2026
Learn about clariBI's security measures, data encryption, compliance features, and how to protect your business data.

Comprehensive overview of security features including encryption, access controls, audit logs, GDPR compliance, and data protection.

Security Architecture

Data Encryption

  • In Transit: TLS 1.3 encryption for all data transmission
  • At Rest: AES-256 encryption for stored data
  • Database: Encrypted database storage with key rotation
  • Backups: Encrypted automated backups

Infrastructure Security

  • Cloud Provider: Enterprise-grade AWS infrastructure
  • Network: Private VPC with security groups
  • Monitoring: 24/7 security monitoring and threat detection
  • Compliance: SOC 2 Type II certified

Access Controls

User Authentication

  • Multi-Factor Authentication: TOTP-based MFA (Professional+ plans)
  • OAuth SSO: Google, Microsoft authentication (Professional+ plans)
  • SAML SSO: Okta, Azure AD, custom providers (Enterprise plan)
  • Password Policy: Strong password requirements (all plans)
  • Session Management: Automatic timeout and secure sessions (all plans)

Role-Based Permissions (Professional+ plans)

  • Owner: Full system access, billing, and security settings
  • Administrator: User management and organization configuration
  • Analyst: Create dashboards, reports, and analytics
  • Member: Standard access (default role)
  • Viewer: Read-only access to assigned content
  • Custom Roles: Granular permission configuration (Enterprise plan)

Data Source Security

  • Connection Encryption: Secure encrypted connections
  • Credential Management: Encrypted credential storage
  • IP Whitelisting: Restrict access by IP address
  • Read-Only Access: Recommend read-only database users

Privacy Protection

Data Processing

  • Purpose Limitation: Data used only for business intelligence
  • Data Minimization: Collect only necessary data
  • Storage Limitation: Automated data retention policies
  • Accuracy: Data validation and cleansing processes

User Rights (GDPR Compliance)

  • Right to Access: Export your data anytime
  • Right to Portability: Standard data export formats
  • Right to Rectification: Update or correct your data
  • Right to Erasure: Complete data deletion upon request

Audit and Compliance

Audit Logging

  • User Actions: Complete audit trail of user activities
  • Data Access: Log all data access and modifications
  • System Events: Security events and system changes
  • Retention: 7-year audit log retention

Compliance Standards

  • GDPR: Full European privacy regulation compliance
  • CCPA: California Consumer Privacy Act compliance
  • SOC 2: Security controls and operational effectiveness
  • HIPAA: Healthcare data protection (Enterprise plan)

Best Practices for Users

Account Security

  1. Enable MFA: Use multi-factor authentication (Professional+ plans)
  2. Strong Passwords: Use unique, complex passwords
  3. Regular Reviews: Audit user access regularly
  4. Least Privilege: Grant minimum necessary permissions

Data Protection

  1. Classify Data: Identify sensitive data types
  2. Access Controls: Implement appropriate restrictions
  3. Regular Backups: Maintain secure data backups
  4. Incident Response: Have breach response procedures

Team Management

  1. User Onboarding: Proper security training for new users
  2. Access Reviews: Regular access certification
  3. Offboarding: Immediate access removal for departing users
  4. Shared Accounts: Never share login credentials

Data Residency and Location

Global Infrastructure

  • Primary: US East (Virginia) - default for US customers
  • Europe: EU Central (Frankfurt) - GDPR compliance
  • Asia Pacific: Available for regional customers
  • Data Isolation: Customer data never mixed between regions

Data Transfer

  • Cross-Border: Standard Contractual Clauses (SCCs)
  • Encryption: All transfers encrypted in transit
  • Compliance: Meet local data residency requirements
  • Customer Choice: Select preferred data region

Incident Response

Security Monitoring

  • 24/7 Monitoring: Continuous security monitoring
  • Threat Detection: AI-powered anomaly detection
  • Response Team: Dedicated security incident response
  • Communication: Transparent incident communication

Your Role

  • Report Issues: Immediately report suspected security issues
  • Follow Procedures: Adhere to security policies
  • Stay Informed: Keep up with security updates
  • Business Continuity: Maintain backup access procedures

Contact Security Team

For security questions or to report issues:

  • Email: security@claribi.com
  • Emergency: 24/7 security hotline available
  • Bug Bounty: Responsible disclosure program active

Your data security is our top priority.
