Your tours can be made public or private. You can also password protect your tours in Tour Settings.
We use Google Cloud for data storage. The data is encrypted at rest and in transit using 256-bit encryption to protect all customer data. On the frontend, our assets and certificates are protected by CloudFlare.
All customer content stored at rest is encrypted, without any action required from the customer, using one or more encryption mechanisms. All data stored in by CloudPano on Google Cloud is encrypted at the storage level using AES256.
Data is encrypted and authenticated in transit at one or more network layers when it moves outside physical boundaries not controlled by CloudPano.
Depending on the connection that is being made, CloudPano applies default protections to data in transit. For example, communications are secured between the user and the CloudPano using TLS/SSL.
CloudPano Enterprise customers with additional requirements for encryption of data over WAN can choose to implement further protections for data as it moves from a user to an application. These include VPN/IPSec tunnels and managed SSL certificates.
CloudPano data is secured and also backed up using industry standard-retention policies. For CloudPano, this means that backups are taken at 15-minute increments and stored for 10 days. Beyond the 10 day period, weekly snapshots are available going back one year.
Data is copied to geographically distributed datacenters, so that if a datacenter physically goes down, the data still exists at a different physical location.
Data may be deleted as requested by the customer. You may request formal deletion of data from all backups as well.
We use CloudFlare CDN and our data is globally distributed at the edge. Here is a graphic of our edge server locations:
Because we use Google Cloud for data storage, we are benefactors of their robust compliance policies and architecture. The answer is typically always “Yes, we meet that compliance need.”
You can use this site to look up the exact compliance requirements you need and learn more about how our datacenters adhere to those policies.
All certifications can be found at link above.
The datacenters we use are HIPAA compliant.
We do not store any personal identifiable information beyond user name.
The datacenters we use are compliant with standard educational requirements. We also adhere to internal processes that ensure total compliance.
CloudPano helps our school customers be compliant. Specifically:
Any sensitive online information is transmitted over secure channels;
All student data are stored in ways that are not publicly accessible;
Security audits are regularly performed to ensure data integrity;
CloudPano does not share information with third parties that could be used to identify students without consent from the student’s parent, guardian, or school