Data Security and Scale for the World’s Largest Enterprises
Incorta analytics are used by some of the most valuable brands in the world. Their requirements for data security, reliability and system integration are stringent, and fortunately Incorta is up to the task.

Be Safe with Secure Data
Data security and integrity is maintained by securing data in transit, securing data at rest, integration with security platforms and role-based access controls.
- Incorta gives IT a centralized data analytics platform that integrates with existing security systems such as Okta, OneLogin and Microsoft Active Directory, granting access based on user- or role-based permissions.
- Single Sign-On (SSO) supports SAML2, AD, LDAP protocols, and user passwords are encrypted with AES 128.
- Incorta is unique among data analytics platforms in that we retain all application-level security parameters, including row-level security for data access by copying original security settings from each source application. This reduces security risks and additional overhead inherent in attempting to rebuild a security framework
- Data in transit, between data sources or different components, is encrypted via TLS 1.2
- Data in storage is protected using full, 128-bit AES encryption, rotating keys and no client-side data caching, optionally encrypted with external keys.
- Individual data columns can be restricted and/or encrypted. Individual data rows can be contextually restricted using session variables and runtime security filters.

No More Trade-Offs
No longer do you need to choose between data fidelity, data performance and data security controls.
Incorta is unique among analytics platforms in that we retain all application-level security parameters, including row-level security for data access by copying original security settings from each source application.
Our real-time, row and column level security, inherited from the source systems, controls access and ensures privacy without compromising the single source-of-truth.
This reduces security risks inherent in attempting to rebuild a security framework.
Data Security, Privacy & Compliance
Incorta is continuously working to enhance data security and the ways we protect it. Incorta has established operational controls in accordance with SOC2 standards and are working to grow our certification portfolio to provide you with confidence that Incorta operates under state-of-the-art security architecture, processes, and controls - and that your data is fully protected.

SOC2 Type II Security Certification
The SOC 2 Security report is designed to provide assurances about the effectiveness of controls in place at Incorta that are relevant to security of our systems and the ways in which we provide products and services that customers rely on - specifically with respect to the Incorta Direct Data Platform and customer data.
The SOC 2 Type II Report, produced by an independent auditor and updated annually, represents an attestation that an organization has adhered policies and controls that align with the standards set forth in TSP 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy, (AICPA, Trust Services Criteria).
Incorta’s SOC 2 Type II Report is available for review upon request (please contact infosec@incorta.com).

GDPR, CCPA and Privacy
Incorta has taken best practice measures to ensure data security and compliance with the European Union’s General Data Privacy Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our compliance team sets policies and controls for Incorta employees worldwide to safely care for Personal Identifiable Information (PII), in accordance with the guidelines of the GDPR and the CCPA.
We only collect the minimal Personal Identifiable Information required for us to provide our services and to engage with the community. Incorta has established the following safeguards:
- PII is only collected if the subject has given prior consent
- PII on public networks is encrypted
- PII is only accessible by authorized personnel
- We prohibit the storage of PII on Incorta workstations, mobile devices, and portable storage devices.
You can learn more about the way we handle the above in our privacy policy.
For any questions regarding GDPR, CCPA and privacy please contact infosec@incorta.com.