Security Whitepaper

All devices using Cloudasta connect through HTTPS connections.

Google Cloud encrypts all customer content stored at rest, using AES-256 encryption. For more information, please refer to here.

​Cloudasta is hosted on Google Cloud Platform (GCP) which is highly scalable, secure, and reliable. More information is available from Google here.

Cloudasta operates with Google’s VM-architecture and managed services handled and maintained by Google engineers.

Stored in the United States of America. Cloudasta’s application and database are both hosted in the United States of America.

Data is backed up automatically by Google Cloud Platform.
Cloudasta’s database is fully-managed within Google Cloud. For more information you can visit Google’s official documentation here.

Super Admins authenticate via Google OAuth 2.0 to access Cloudasta’s billing application. Cloudasta never stores any OAuth Token. Google OAuth 2.0 is the Google-standard protocol for authorization.
Cloudasta will never handle your passwords in any shape or form.

2-Step Verification is enforced and mandatory for all Cloudasta employees to ensure no one from outside Cloudasta has access to information. For more information on how 2SV protects accounts, please see Google’s documentation here.

Partners are granted access to limited configurations within your domain but your private and sensitive data such as emails in Gmail, Google Drive content is never exposed. This configuration access makes it easier for Partners to troubleshoot any issues you might have with managing Google Workspace. Every reseller action is logged to your Admin audit log and access can be removed at any point as shown in this Google Workspace official support article.