Data Handling and Security FAQs
chevron_right
Where PII is stored? How can I opt out?
By default, all values suspected as literals are removed before being displayed or saved in the Foglight repository.
You can choose to keep the original queries as is. For more information refer to Replacing literals.
chevron_right
Do you upload any data from our database?
Foglight Cloud tracks SQL queries that are executed and the query plans used to execute them. This may contain fragments of data in the form of string literals. By default, we remove these to prevent any accidental or unexpected data uploads.
chevron_right
Why is Foglight Cloud more secure than an on-premise monitoring tool?
Our data center provider, Microsoft Azure🔗, maintains ISO 27001, SOC2 Type II, and many other certifications. For more information refer here🔗.
Since Foglight Cloud is a SaaS product, vulnerability patches are applied instantly to all users.
Out-of-date software frequently exposes an organization’s security vulnerabilities. Microsoft has a dedicated team that works 24/7 to ensure their infrastructure is patched and updated in response to any security threats. Similarly, Foglight Cloud’s security team works to keep Foglight Cloud’s code up-to-date and respond to any security threats that may arise.
Foglight Cloud’s infrastructure and application undergo periodic penetration testing by an independent third-party penetration testing firm.
chevron_right
How do you store the uploaded performance data?
Foglight Cloud stores all data in Azure managed databases (SQL Server and PostgreSQL)
All data is encrypted with AES 256🔗. This is the same top-level encryption currently used by the NSA and US government.
chevron_right
How do you protect data while it’s being uploaded?
Foglight Cloud data is encrypted in transit using TLS 1.2.
chevron_right
How long do you store the data?
Currently, we keep the performance data related to paid accounts for one year for trend analysis.
chevron_right
Can I request to have my data removed from Foglight Cloud and get verification?
Yes. To delete your data completely, you should either raise a support case or email your Quest account manager. As soon as the data is deleted, you will be notified.
chevron_right
Where is the customer data stored? How is it protected?
The data is stored in Azure data centers located in the USA, Canada, or Germany, depending on the customer’s choice.
chevron_right
Which ports need to be opened between my environment and Foglight Cloud?
You can review the list of ports on the
Data Handling and Security page.
