Security

We use our Edge device to connect millions of different machines out in the field to our platform. Only authorized Uptake users have access to Edge and its data. We take extensive measures to protect against unauthorized device access, tampering and interception of communications between Edge and Uptake's platform.

To determine the right level of protection, we first classify information before any ingestion takes place. We classify all data, provide clear visibility of threats, maintain highly restricted access and isolate live data from other environments. Once data ingestion begins, we encrypt information while it's in transit and at rest.

Based on National Institute of Standards and Technology (NIST) requirements, users only receive the level of access necessary to perform their jobs. Data access control includes passwords, cryptographic keys and multi-factor authentication devices. In the physical realm, access control utilizes key cards, PINs, biometrics and 24/7 CCTV monitoring.

Our networks use a tiered classification framework to provide data separation. Each client-protected data enclave, whether physical or virtual private cloud, is a fully security-hardened stack that includes endpoint and network threat prevention, application firewalls and vulnerability scanning.

Security is embedded in our software development lifecycle (SDLC). We safeguard data with continuous delivery and code-level security insights. We use static and dynamic code analysis, including process gates to prevent introducing vulnerabilities into the production environment.

Our in-house Red Team performs continuous and proactive attack simulations to anticipate and mitigate unauthorized access, escalation of privileges and data theft. In response, the Hunters think like attackers to proactively protect our most critical systems and environments.