Surveilr and Deno: Security and Compliance Approval Guide
Both Surveilr and Deno are designed with security and compliance as core principles, making them suitable for secure environments. Here’s a detailed guide on how to proceed if your company requires approval before using Surveilr or Deno:
1. Obtain the End User License Agreement (EULA)
Your legal and compliance teams will typically need a copy of the End User License Agreement (EULA), which outlines the terms of use, licensing rights, and responsibilities.
- For Surveilr: You can find the EULA here.
- For Deno: The EULA is available on the official Deno website.
2. Explain the Security and Compliance Benefits
Both Surveilr and Deno are single-binary applications designed with security by default and compliance in mind. Here’s why they are particularly secure and suitable for regulated environments:
- SOC 2 Compliance: Both tools adhere to SOC 2 standards, ensuring they meet industry-recognized requirements for security, availability, and confidentiality. SOC 2 compliance means both tools are independently audited to verify that they have adequate controls and processes in place to protect data. SOC 2 documentation is available upon request.
- Written in Rust: Both tools are built using Rust, a modern programming language known for its memory safety guarantees, preventing vulnerabilities like buffer overflows and data races.
- No Third-Party Dependencies: Surveilr and Deno don’t rely on external libraries, reducing security risks from external components and simplifying the audit process.
- HTTPS Encryption by Default: All external communication is conducted via HTTPS, ensuring encrypted traffic for secure data transmission.
3. Provide Additional Security and Compliance Documentation
In secure environments, IT departments may request more documentation beyond the EULA. This can include:
- Data Security Policies: Surveilr processes data locally by default, with encrypted communication when external communication is needed.
- Memory Safety: Rust’s ownership system ensures memory is managed securely, preventing many vulnerabilities.
- SOC 2 Reports: SOC 2 compliance documentation can be provided to verify controls around security, availability, and privacy.
- Encryption Standards: Both tools encrypt data in transit using HTTPS and offer encryption for data at rest.
4. Compliance Certifications and Audits
Your IT department may request proof of compliance with industry standards like SOC 2, ISO 27001, or HIPAA:
- SOC 2 Compliance Assurance: Both Surveilr and Deno have undergone SOC 2 audits and can provide the necessary reports.
- Rust-Based Security: The memory safety and data-race prevention that Rust gives both tools are strong points for compliance.
- Encryption Compliance: Full HTTPS encryption ensures compliance with standards like GDPR, HIPAA, and PCI DSS.
5. Network and Infrastructure Requirements
Corporate IT environments often have strict network security requirements. Here’s how Surveilr and Deno meet them:
- Minimal Network Access: Both tools are single binaries and require minimal external network access, all conducted over HTTPS.
- On-Premise Deployment: Surveilr can run entirely on-premises, ideal for organizations with strict data sovereignty requirements.
- Secure API Integrations: Any external API communication is encrypted using HTTPS.
6. Contact Your Legal or IT Compliance Team
Once you’ve gathered the required documentation (EULA, security policies, etc.), share it with your legal or IT compliance team. Highlight the following:
- Surveilr and Deno are written in Rust, providing memory safety and mitigating common vulnerabilities.
- Both tools are single-binary, making them easier to audit.
- They are SOC 2 compliant, and relevant documentation is available.
- All external communication is encrypted via HTTPS.
For further assistance, your team can reach out to us at support@surveilr.com.
7. Understand the Approval Timeline
The approval process for new software can take up to 12 weeks. Ensure regular follow-ups with your team and emphasize the tools’ security features.
8. Request Additional Assistance (Optional)
If approval delays your deployment, we offer:
- Demos or Test Environments: Evaluate the software in a test environment.
- Direct Consultation: Our support team can provide technical and security documentation to expedite the process.
By following these steps, you’ll ensure that both Surveilr and Deno meet your organization’s stringent IT and security requirements. With their single-binary architecture, Rust-based memory safety, lack of third-party dependencies, SOC 2 compliance, and HTTPS encryption, they are ideal for use in secure corporate environments.