Privacy Policy

Cloudaware provides SaaS (Software as a Service) CMDB to customers. CMDB gathers cloud infrastructure metadata that a customer leverages. Cloudaware has recommended security policies for accessing resources in a cloud provider system. These cloud access policies are specifically designed to provide Cloudaware with access to describe a customer cloud infrastructure without giving access to the business data.

Cloudaware operates as a container application inside Salesforce's app engine and is subject to all Salesforce security controls. The Cloudaware role is limited to updating, deleting, and inserting new data into CMDB. There are no algorithms or automated batch export jobs that export a customer's data outside of the Salesforce instance where Cloudaware is hosted. In addition, the Cloudaware internal security policy explicitly forbids exporting the customer data outside of the customer’s Salesforce instance. In order to provide our customers with hands-on support, technical account managers associated with a customer account have access to a customer's Cloudaware instance.

Cloudaware processes and stores customer data on Salesforce's app engine infrastructure. Many of Salesforce's SOC2 controls regarding data backup, DR, BCP, access control, and auditing apply directly to Cloudaware. More information about compliance certifications are available here:

Salesforce performs its own security and audit process to vet vendors whose applications are offered via Salesforce's app store. More details about this process are available here:

Additional helpful documentation:

Last Updated May 20, 2022