Security

Skyello is built for environments where compliance failures have real consequences. Security isn't a feature — it's foundational to everything we build.

Infrastructure

Skyello runs on Microsoft Azure with enterprise-grade infrastructure across every layer of the stack. All data is encrypted at rest using AES-256 via Azure SQL Transparent Data Encryption and Azure Blob Storage encryption. Data in transit is protected with TLS 1.2+ end-to-end, with TLS 1.3 required on all endpoints. Service-to-service communication is secured through Consul Connect with mutual TLS, ensuring zero-trust networking between internal services.

Customers can select their preferred data residency region, ensuring compliance with local data sovereignty requirements.

Authentication & Access Control

Every interaction with the Skyello platform is authenticated and scoped. We support SSO via SAML for seamless enterprise integration, multi-factor authentication for all user accounts, role-based access control to enforce least privilege at the application level, and row-level security at the database layer, ensuring tenants can never access another organization's data.

Application Security

Security is embedded in our development lifecycle. All code changes require peer review before merge. Automated vulnerability scanning runs continuously across our codebase. Dependency and supply chain scanning monitors for known vulnerabilities in third-party packages. Secrets are managed exclusively through HashiCorp Vault with dynamic credential rotation.

Monitoring & Incident Response

Skyello maintains centralized audit logging across all platform services, capturing access events, data modifications, and administrative actions. Real-time alerting surfaces anomalies for immediate investigation. We maintain a documented incident response plan with defined severity levels, escalation procedures, and communication protocols.

Organizational Security

All Skyello employees undergo background checks prior to onboarding and complete regular security awareness training. Internal access follows least-privilege principles — team members are granted only the permissions necessary for their role. All secrets and credentials are managed through Vault with no plaintext storage.

Data Retention & Portability

Customers control their own data retention policies within the platform. Data retention windows are configurable per organization. Customers can request full data export at any time in standard formats. Customers can request complete data deletion, and Skyello will certify destruction upon completion.

Compliance

Skyello is currently pursuing SOC 2 Type II certification. Our security controls are designed to meet or exceed the Trust Services Criteria for security, availability, and confidentiality. For questions about our compliance roadmap or to request our security questionnaire, contact security@skyello.com.