Hotjar keeps all our tools and services 'under one roof' by utilizing a market leader in cloud computing.
- Data at rest
- Data in transit
- Network Security
- Access and Authentication
- Monitoring and Logging
- Data Center Physical Security
- Data Center Environmental Safeguards
Data at rest
Persistent data at rest is stored using industry-standard AES-256 encryption algorithms.
Data related to your user profile is encrypted at rest.
Data you have provided to us through Hotjar services since April 26, 2021 is encrypted at rest, and this will apply without exception from April 26, 2022 onwards.
Data in transit
Data in transit between an end-user and Hotjar is encrypted using TLS 1.2 with the following cipher suites:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
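The following is an added example, not Hotjar's own code: it parses the TLS 1.2 cipher suite names listed above (IANA naming; the first entry is taken as TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) and reports which suites lack forward secrecy, which use CBC rather than an AEAD mode, and which still rely on an HMAC-SHA1 record MAC, so a reviewer can check a published list against a hardening policy. Suite names in TLS 1.3 style (no key-exchange component) are outside the parser's scope and are rejected.

```python
import re
from dataclasses import dataclass

# Cipher suites as listed on the page (assumed: "LS_" in the fourth entry is a typo for "TLS_").
HOTJAR_TLS12_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
]

# TLS 1.2 IANA naming: TLS_<kx>[_<auth>]_WITH_<cipher>_<mode>_<hash>
SUITE_RE = re.compile(
    r"^TLS_(?P<kx>ECDHE|DHE|RSA|ECDH)_(?:(?P<auth>RSA|ECDSA)_)?WITH_"
    r"(?P<cipher>AES_128|AES_256|CHACHA20)_(?P<mode>GCM|CBC|POLY1305)_(?P<hash>SHA256|SHA384|SHA)$"
)


@dataclass(frozen=True)
class SuiteInfo:
    name: str
    forward_secrecy: bool  # ephemeral (EC)DH key exchange
    aead: bool             # GCM / ChaCha20-Poly1305; CBC suites are not AEAD
    sha1_hmac: bool        # CBC suite whose record MAC is HMAC-SHA1


def parse_suite(name: str) -> SuiteInfo:
    """Derive security-relevant properties from a TLS 1.2 cipher suite name."""
    m = SUITE_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised TLS 1.2 cipher suite name: {name!r}")
    mode = m.group("mode")
    return SuiteInfo(
        name=name,
        forward_secrecy=m.group("kx") in ("ECDHE", "DHE"),
        aead=mode in ("GCM", "POLY1305"),
        # For GCM suites the trailing hash names the PRF, not a record MAC, so only CBC+SHA counts.
        sha1_hmac=(mode == "CBC" and m.group("hash") == "SHA"),
    )


def audit(suites):
    """Group suite names by policy finding; empty lists mean the list is clean for that check."""
    infos = [parse_suite(s) for s in suites]
    return {
        "no_forward_secrecy": [i.name for i in infos if not i.forward_secrecy],
        "non_aead": [i.name for i in infos if not i.aead],
        "sha1_hmac": [i.name for i in infos if i.sha1_hmac],
    }
```

Running `audit(HOTJAR_TLS12_SUITES)` shows every listed suite offers forward secrecy, while four are CBC suites and two of those use HMAC-SHA1, which is the kind of result a reviewer would raise when comparing such a list against current TLS hardening guidance.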
Network Security
Hotjar serves on average 12,500 requests per second. The network security controls detailed below ensure that every one of these requests is served in a secure and timely manner.
- The certificate that serves this traffic is issued by Let's Encrypt, uses a 2048-bit RSA key and is signed with SHA256withRSA.
- We default to deny-all on connections in our Virtual Private Cloud (VPC) and explicitly allow ports and services through the management of Security Groups.
- Network segmentation within Hotjar's VPC has been implemented to reduce the attack surface by containing like services together, and it also improves the performance of resources.
- Our Content Delivery Network gives the network edge the resilience and scale to handle large bursts of concurrent connections and mitigates denial-of-service attempts.
- Internal load balancers provide further resilience by handling internal communication between services.
Access and Authentication
Access to Hotjar's systems is strictly controlled through both our Access Control policies and technical controls. Our approach will always be to provision access on a 'need-to-know' basis.
- The Hotjar team is only permitted access to internal services via Virtual Private Networks, utilizing OpenVPN.
- Multi-factor authentication adds a further layer of security when authenticating engineers.
- Only a limited number of skilled engineers, whose job function is to support and maintain the Hotjar environment, are permitted access to Hotjar's production environment.
Monitoring and Logging
Hotjar's Site Reliability Engineers take ownership of infrastructure and application performance monitoring. Below are a few of the measures taken by the SRE team to ensure Hotjar monitors performance while maintaining a strong security mindset.
- Infrastructure monitoring of compute services, the business layer, and database service health, including read/write latency.
- Host-based Intrusion Detection Systems (HIDS) monitoring the internal end-hosts.
- Unauthorized access attempts are logged and escalated through Security Monitoring tools.
- Application Performance Management (APM) and monitoring of services.
- Network edge Content Delivery Network (CDN) alerting.
- A centrally managed logging platform, with a near real-time dashboard of service health.
- Automated alerting configured with an on-call schedule. Escalation metrics, procedures, and playbooks are implemented in line with the Incident Response Management Plan.
Data Center Physical Security
Amazon Web Services has built a world-leading process for the physical security of its Data Centers.
- Physical access to data centers is granted only to pre-approved employees and third parties who have a valid business justification for it. The principle of least privilege is applied to requests for specific predetermined data center layers. Data center access requests are time-bound and reviewed on a regular basis.
- Third-party visitors are distinguished by their user badges and are escorted by authorized staff for the whole duration of their visit.
- Physical access points to server rooms are recorded by closed-circuit television (CCTV) cameras. Images are retained according to legal and compliance requirements.
- Physical access is controlled at building ingress points by professional security staff utilizing surveillance, detection systems, and other electronic means. Authorized staff utilize multi-factor authentication mechanisms to access data centers.
- Alarms are immediately dispatched to 24/7 AWS Security Operations Centers for immediate logging, analysis, and response.
Data Center Environmental Safeguards
Environmental and power considerations have been made to ensure that, in the event of a natural or environmental event, safeguards are in place to provide continued operational service with minimal downtime.
- Electrical power systems are designed to be fully redundant and maintainable without impact to operations. Backup power is installed to ensure power remains available for critical and essential loads in the facility in the event of an electrical failure.
- Mechanisms control the climate and maintain an appropriate operating temperature for servers and other hardware, to prevent overheating and reduce the possibility of service outages.
- Automatic fire detection and suppression equipment is installed. Fire detection systems utilize smoke detection sensors within networking, mechanical, and infrastructure spaces. These areas are also protected by fire suppression systems.
- Should potential flooding occur in the data center, mechanisms are in place to remove water in order to prevent any additional water damage.