Security
Pathfinder benefits from AWS security guarantees and employs a team of world-leading and certified Information Security professionals who ensure that all related policies and infrastructure are in place and implemented to the highest standards.
AWS Infrastructure
Pathfinder platform is built on AWS’s secure cloud infrastructure which is in compliance with every important Information Security standard and follows all security best practices recommended by the InfoSec community. Information Security experts believe that AWS infrastructure is more secure than on-premises architectures, simply because of the multi-billion dollar investments AWS makes in securing the world’s most critical IT services. Pathfinder uses AWS services to encrypt all data whether it is at rest or being transferred. Pathfinder also uses AWS backend services to create isolated storage for every organization hosted on it, so that it is impossible for customer data to be compromised.


ISO 27001 Standards
Retrocausal has published and implemented the complete set of policies in accordance with ISO 27001 standards to ensure our processes are robust with respect to all relevant information security concerns. Retrocausal is able to share these detailed policy documents with IT teams of prospective customers. These policies include Access Management, Acceptable Usage, Capacity Management, Change Management, Data Management, Email and Communication, Endpoint Security, HR Handbook, Incident Management, Induction and De-induction, Information Security in Project Management, Information Security Management System, Internal Audit, Asset Management, Business Continuity, ISMS Contextualization and Legal Compliance, Logging and Monitoring, Password, Physical and Environmental Security, Quality Assurance, Risk Management, Supplier Relationship, and Vulnerability Assessment policies amongst others. Retrocausal has an internal team of certified ISO 27001 auditors who regularly conduct internal audits and penetration testing. In addition, Retrocausal works with Vanta and an outside InfoSec firm to regularly conduct external audits of all its processes and infrastructure.
Single Sign On (SSO)
Pathfinder provides its own secure Identity and Access Management (IAM) system following the best practices enforced by ISO 27001 standards. At the same time, Pathfinder also enables customers to use their existing IAM and SSO solutions with Pathfinder. This allows customers to disable access when an employee switches jobs and provide their employees with access privileges based on their needs in a centralized manner. Currently we offer Azure Active Directory and Okta support in the platform, but we are rapidly expanding coverage to other SSO solutions as well.


Security Information and Event Management (SIEM)
At the same time, some customers are already logging data from all their other SaaS solutions into their SIEM, which helps them correlate any security events across services. For these kinds of customers, we also provide integrations to IBM Security QRADAR SIEM solution. In addition, we are working on expanding coverage to Azure Sentinel.
Disaster Recovery and Backups
Disaster recovery planning and backups are crucial for enterprise data because they help organizations prepare for and recover from unexpected events that can compromise the availability, integrity, or confidentiality of their data. Such events may include natural disasters, cyber attacks, hardware or software failures, human errors, and other emergencies. Pathfinder uses Microsoft Azure Blob Storage as a means of redundancy to ensure data protection in the case of disasters. All customer data is backed up in encrypted form from AWS infrastructure to Azure infrastructure on a daily basis. Retrocausal regularly tests its Disaster Recovery Plans by simulating a number of different scenarios and validating the integrity of backups and viability of infrastructure.


Avoiding Subprocessors
In order to ensure tight control on all aspects of data security, Retrocausal does not utilize any sub-processors. This policy means that we strictly avoid hiring external firms for software development or data labeling operations. Only Retrocausal’s own support team is able to interact with customer data, by electronic permission by the customer.
Get access to the leading video analytics platform for your factory floor.