Frequently Asked Questions

Can I manage who is able to see an asset in iconik?

Yes, you can use Access Controls

Can I manage who can perform delete operations in iconik?

Yes, you can use Roles

Does iconik use third party services to audit it's security?

iconik has been assessed by external auditors that have CISSP, OSCP, CEH, PCIP, ISO, CISA, CISM, certifications and following methodologies and standards that include NIST SP800-115, PTES, OWASP and Offensive Security. It was concluded that an unauthorized person cannot penetrate the system, and iconik's security mechanisms are state-of-the-art and effective.

Whose responsibility is it for content that is uploaded to iconik?

Ultimately it's the customer's responsibility to make sure that any file that is uploaded to iconik is free and safe from viruses and malware.

Can I access the Audit logs?

User Audit Log Streaming which is part of iconik Shield can be used by customers to subscribe to the audit log stream for their entire domain.

If you do not have iconik Shield enabled, please contact support@iconik.io and we will provide assistance with access to the audit logs for your domain.

Do you store user passwords?

Yes, we store salted hashes of passwords using PBKDF2.

How does iconik keep my data separate from other customer's data?

Each customer in iconik is assigned a unique id called system_domain_id. This ID is used to partition the database and almost all database tables have the system_domain_id as part of their partition key. This means that database queries can only return data from one customer at a time which decreases the risk of us introducing bugs where we return data for the wrong customer. Enforcement of this system_domain_id check is performed in the iconik API gateway service which is the central component all incoming API calls pass through (see iconik Microservices for a description of the iconik Microservices archtecture) . Media files which are stored in iconik's storage buckets are likewise stored per system_domain_id. Media files which are stored on your own buckets remain within your control and are not stored together with other customer's media.

Do you have a Bug Bounty program?

Yes, we run a formal Bug Bounty program through our partner Inspectiv. If you have discovered an issue with the iconik system itself, any of our auxiliary systems, or our public website then we ask you to contact programs@inspectiv.com and report the issue.

Who has access to the backend of iconik?

Access to the backend resources are limited to a small number of employees with access to the Google Cloud Platform Console Project that we are running the production system on. All support entitled personnel are required to use two factor authentication for their Google Cloud accounts.

iconik testing environments and other environments are separated from the main production environments by accounts, location, complete network isolation and access control.

How do you ensure my data is destroyed when it is deleted from iconik?

All data in iconik is encrypted at REST and destruction of encryption keys is a fundemental method of ensuring data is made unrecoverable. When an asset is deleted it is first placed in the recycle bin for a period which by default is 24 hours. After that the asset is deleted from the system which means the media files, proxies and keyframes are deleted using the cloud storage provider's APIs. This will cause the cloud storage provider to delete the files from their object storage and also purge any encryption keys from the KMS. If you use your own storages, please consult the vendor for more detailed information.

Data in iconik's databases are encrypted using Full Disk Encryption and individual records are not encrypted separately. Data in our Cassandra databases is deleted using a "tombstone" marker which marks the data as deleted on disk but does not actually remove the data from disk. The actual delete from disk happens when a process called Repair is run, which happens once every 7 days. At this point the database files are rewritten and any deleted data is purged. When a database file is purged the underlying data doesn't actually get overwritten immediately so it is possible for a determined forensic analyst to retrieve data from the underlying storage system until it has been overwritten, which at our write rates normally takes another few days. We do not currently have any mechanism for securely purging an individual customer's data securely from our database servers.

Do you separate your development and testing environments from production

Yes, each environment runs in a completely separate cloud project without any connections between them.

Do you use production data for testing?

No, we do not use production data for development or testing. The only exceptions from this are:

  1. If we have been given explicit written permission to do so by the owner of the data. This usually happens when we are troubleshooting a specific issue that is only reproducible with the specific data.
  2. To perform Disaster Recovery Testing where we use a backup copy of the production database to verify that it can be restored in a timely manner to a recovery system.

Learn more