Why Metadrive is safe

When our clients decide to use Metadrive it is because they are highly convinced that it is not an intrusive tool. After all, we respect the information of each user and we limit ourselves to storing only the information to configure the use of the domains on the platform.

In this article, we will tell you some key points of our security and data protection policy. The reasons why more and more companies trust Metadrive as their business information management

Login

Metadrive uses the Google account login, the OAuth2 flow, so we don’t need to do any password management. By using this system, we automatically apply all the Google security, such as 2-step verification and the devices from which you log in. 

Documents

All documents are stored in users’ Google Drive domain. As a result, all the files that are managed in Metadrive are automatically segregated, since they are stored in different Google domains.

Metadrive also does not have access to user documents. We only use domain permissions to perform operations on them when the tool is in use. When working on Google Drive permissions, we respect unauthorized access.

Metadata 

We only store the properties and workflow settings. The metadata is stored in the Google Drive documents themselves.  Metadrive does not index the information. 

Infrastructure 

Metadrive is hosted on Google Cloud Platform, and specifically on the Google App Engine service. This is one of the safest platforms as a service on the market, with certifications such as SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018, FedRamp ATO, and PCI DSS. 

Data transfer 

All information transferred to and from Metadrive is encrypted by industry-standard protocols such as SSL / TLS. Metadrive front ends are managed by Google App Engine, which provides highly secure web servers, which are regularly updated against any detected vulnerabilities.

Since Metadrive is hosted on Google Cloud Platform, the information exchanged between the application and Google Drive is transferred via Google’s private network.

Internal politics 

At Evebytes, our internal policy is Cloud only. In this way, we make sure that everyone can work from anywhere.