How Hava Handles Your Data

Our Security

Hava is a product that allows users to automatically visualize aspects of their IT infrastructure from most of the major cloud providers. Once data is imported we generate a variety of different views such as infrastructure/network diagrams and security group diagrams.

We completely appreciate the caution that you'd approach a product like this with. When Hava imports data it needs to be able to access resource attributes that can help us understand the identity, structure and behaviour of the systems we're trying to diagram.

For example, when we retrieve data from AWS we use the various Describe* methods, whose responses can occasionally contain sensitive information. The only fields stored in the database are those needed to generate diagrams or to display certain attributes. We do not store the user_data field or anything that contains environment variables.

Credentials

AWS keys are stored within our database using AES encryption, but we also promote using Amazon cross-account roles for granting access. Finally, the user is free to tighten the IAM policy to whatever they are comfortable with, and Hava will work past any resources that can't be identified. This of course has limits: we must be able to retrieve a rudimentary amount of EC2 data to create anything useful.

Hava also supports and recommends AWS cross-account role access, Amazon's best-practice methodology for third-party connectivity.

Data that it uses

Hava imports user data via the AWS or Azure APIs; the basic level of information it requires to generate a useful visualization centres around the AWS EC2 service. We offer a variety of IAM policy configurations that can allow or deny access to certain calls based on the user's security policy and comfort with the service. This allows for a "progressive enhancement" style algorithm, depending on the access granted to particular resources.
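The cross-account role and tightened IAM policy described in the Credentials and Data that it uses sections, as an added example that is not Hava's own documentation or policy text: the vendor account ID, the ExternalId and the non-EC2 Describe* actions are placeholders and assumptions, and the two checks are ones you would run over your own policy documents before granting the role.

```python
# Added example (not Hava's own policy documents): a cross-account role that a
# third-party diagramming tool can assume, restricted to metadata reads, plus two
# checks you can run over your own policy documents before handing over the role.
import fnmatch

VENDOR_ACCOUNT_ID = "111111111111"       # placeholder: the vendor's AWS account
EXTERNAL_ID = "placeholder-external-id"  # placeholder: value agreed with vendor

# Trust policy: only the vendor account may assume the role, and only when it
# presents the agreed ExternalId (the standard confused-deputy mitigation).
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": f"arn:aws:iam::{VENDOR_ACCOUNT_ID}:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": EXTERNAL_ID}},
}]}

# Permissions policy: ec2:Describe* is the minimum the page mentions; the other
# services are assumptions you can drop, and the tool skips what it cannot read.
PERMISSIONS_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "DescribeOnly",
    "Effect": "Allow",
    "Action": ["ec2:Describe*", "elasticloadbalancing:Describe*", "rds:Describe*"],
    "Resource": "*",
}]}

# Describe*/List* return resource metadata.  Get* is deliberately excluded:
# calls such as s3:GetObject read data from inside your services.
READ_ONLY_PATTERNS = ("*:Describe*", "*:List*")


def non_read_only_actions(policy):
    """Actions in Allow statements that fall outside the Describe*/List* set."""
    flagged = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        for action in [actions] if isinstance(actions, str) else actions:
            if not any(fnmatch.fnmatchcase(action, p) for p in READ_ONLY_PATTERNS):
                flagged.append(action)
    return flagged


def requires_external_id(trust):
    """True only if every AssumeRole statement is gated on sts:ExternalId."""
    return all("sts:ExternalId" in stmt.get("Condition", {}).get("StringEquals", {})
               for stmt in trust["Statement"])
```

Removing an action from PERMISSIONS_POLICY is how you apply the "progressive enhancement" idea in practice: the diagram loses that resource type rather than the tool losing access altogether.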

Is it encrypted?

Our database instance is configured to store all data encrypted at rest. Additionally, column-level encryption of any secret credentials is performed so that the data cannot be decrypted without a private key held on the application server; this helps protect against potentially harmful SQL injection attacks.

Impact of the service failing

Hava does not operate within the critical path of any user's workflow. Due to the nature of the service and the way it reads data from the user's cloud provider, the only impact of Hava not working would be the inability to update an existing diagram or create a new one.

Data that it stores

Hava stores metadata around each running service (i.e. resource ids, configuration values, current metrics) to allow diagrams to be identified and created. Hava imports no data from within user services, but users are welcome to alter the IAM policy to allow a level of access they're comfortable with.

What protection is in place against unauthorised access?

Hava takes security very seriously; access to production data is limited to a core group of employees. Encryption is used by default for all network communication, and is also used within the database for any credentials. SSH and network-level access is disallowed on all servers, and we follow the principles of immutable artifacts and infrastructure to ensure that what is tested is what is deployed.

Location of services

The production environment is currently located in the USA. If you have specific needs for this data to be stored elsewhere, please get in touch with us.

Vulnerability Reporting

We deeply appreciate any effort to discover and coordinate the disclosure of security vulnerabilities.

If you would like to report a vulnerability in one of our products or services, or have security concerns regarding Hava software or systems, please email security@hava.io.

To support a timely and effective response to your report, please include any of the following:

  • Steps to reproduce or proof-of-concept

  • Any relevant tools, including versions used

  • Tool output

Hava takes all vulnerability reports very seriously and aims to respond rapidly and verify the vulnerability before taking the necessary steps to address it. After an initial reply to your disclosure, which should follow directly after we receive it, we will update you periodically on our response and remediation status.

Hosting & Data Residency

Hava Deployment Options

Hava’s default environment is hosted in the USA on AWS infrastructure.

Customers with compliance, residency, or data sovereignty requirements can choose from the following options:

SaaS (Default)

Fully managed. Fastest time to value. Hosted in the USA (AWS).

Ideal for most teams looking for quick implementation.

Self-Hosted / Private Cloud

Run Hava in your own AWS, Azure, or GCP environment. Ideal for high-security teams or regulatory constraints.

  • Full feature parity with SaaS

  • Isolated data + infrastructure

  • Managed updates or full control

Identity & Access Controls

Hava integrates with your internal identity providers for secure, centralised access:

  • SSO via SAML or OAuth 2.0

  • SCIM-based user provisioning

  • MFA enforcement support

  • Granular RBAC

SSO is available on Business and Enterprise plans. Contact us to enable.

Enterprise-Ready Security

SOC 2 compliance, granular access control, and flexible deployment options built for modern security teams.

Deploy Hava Your Way

Review technical requirements for SaaS or self-hosted deployment, including infrastructure, setup, and control options.
