Security

Where and how is my data stored?

When you connect integrations (e.g. PostgreSQL, MongoDB, MySQL, etc), Paragon encrypts each set of credentials with a newly generated set of encryption keys and securely stores them in a distributed vault with bank-level encryption.

The metadata, encrypted values, and keys are stored in separate data stores with their own access control policies, and the plain text values are never stored or logged anywhere.

What do you do to keep Paragon secure?

Your security and privacy is a top priority at Paragon. We:

  • force HTTPS on all connections so data in-transit is encrypted with TLS

  • have access control policies and credentials for every microservice in our infrastructure

  • securely store all 3rd party credentials in a distributed vault with bank-level encryption

  • regularly update underlying packages and dependencies with security updates

  • regularly audit logs for strange or suspicious activity

  • host all servers in the US

What data does Paragon store?

Paragon stores:

  • user account info

  • metadata on web app usage (creating workflows, updating steps, etc)

  • workflow structure and related info (integrations, environment secrets, etc)

  • integration credentials (securely encrypted and stored in a distributed vault)

  • execution metadata (execution duration, input, output, etc)

Can I host Paragon on-premise or on my virtual private cloud?

Absolutely! You can host Paragon both on-premise or on your own private cloud. Please contact us if you're interested in either of these solutions.