Security

How we handle your data at WayScript

Where is my data stored, and is it secure?

Yes, your data is secure. WayScript establishes strict security boundaries on computing resources to maintain customer data privacy. When executing a script, the WayScript backend returns the data generated to the web client and then terminates the process and spins down the container used for processing. None of the data returned by your code or modules is stored on our end, unless outputted to a file or logged to StdOutput. Database records and file data is stored on shared resources but with strict controls in place to disable access by other scripts and other users.

What do you do to keep WayScript secure?

Security affects everything we do at WayScript. We are SOC 2 Type 2 compliant and we:

  • Force HTTPS on all connections, so data in-transit is encrypted with TLS 1.2.

  • Encrypt all customer data in-transit and at-rest with AES-256.

  • Host all servers in the US, in data centers that are SOC 1, SOC 2 and ISO 27001 certified. Our data centers have round-the-clock security, fully redundant power systems, backups across multiple regions, two-factor authentication, and physical audit logs.

  • Regularly conduct external penetration tests from third-party vendors.

  • Regularly conduct security awareness training sessions with all employees.

  • Employ security logging and monitoring to detect potentially malicious behaviors.

  • Use secure coding and code deployment practices.

  • Ensure all employees have passed background checks.

What sort of data does WayScript store?

WayScript stores the following data to operate its service, which may include personal data:

  • Account information (name, email, etc.)

  • Files created or uploaded to the WayScript platform

  • Authentication credentials (tokenized and/or encrypted) for connected integration

WayScript also stores metadata concerning your usage, such as:

  • Page view (url of page)

  • Adding a module (type of module, name of module)

  • Running a script (length of execution, execution status)

  • Receiving events (type of event, number of events)

  • Sharing a script (number of clones)

  • Team members (emails, number of members, etc.)

Edit on GitHub