About

Security & Privacy


TIBCO GeoAnalytics services are hosted by ISO 27001, FedRAMP and SSAE 16 SOC1 Type2 compliant cloud infrastructure providers.


REST APIs

User identity is established through an encrypted access key which always takes place over HTTPS or HTTP (chosen by the administrator or the developer). The privacy of the request sent by the user is guaranteed by the fact that we do not store full parameters.

API method and the country used for the request are the only information stored by GeoAnalytics Builder. This information is used to count API Call consumption and is counted and consolidated for each customer account. The country is stored in order to calculate the royalties fees paid to our data providers, which are different from a country to another.

By default the GeoAnalytics Builder API environment is not restricted. If requested by a customer, the environment can be restricted to one or more specified IP addresses.


Content Manager

Each user has a unique username (email address) and a password used each time a user log-in the contente manager web application (http://geoanalyticsbuilder.maporama.com). A session cookie is issued to store the encrypted authentication information for the duration of the user session. Informations stored are the session ID and the expiration date and time.

GeoAnalytics Builder content manager includes the following security features:

  • Complete online workflow to meet enterprise level security policy
  • User interface to create and manage users and users data access rights
  • Ability for groups of users to access the same data table with restrictions on the data access
  • History of users actions on the datasets accessible by the administrator(s)

Data Storage using Content Manager

Each customer account has its own logical separate database schema, providing isolation of stored features. Customers database schema backups can be done on a regular basis if customer requests it.

We use data replication in a Master/Slave model to ensure maximum data security and avoid data losses.

Customers are responsible for the use of the content manager application and the use of their data in the application.