By orchestrating security content upstream of every data application, you can maintain absolutely consistent and granular data access controls.

These granular, role-based and column-based access controls make it possible to grant viewing and operating permissions to individual data consumers, at both the raw data and metrics levels—and doing so upstream eliminates access control gaps.

Cube complies by HIPAA guidelines—a regulation dictated by The Office of Civil Rights (OCR) of the Department of Health and Human Services (HHS) to protect medical patients' records and PII. It encompasses sensitive data storage, movement, and handling to ensure to ensure its safety.

Being HIPAA compliant means maintaining rigorous security standards of our entire company stack and internal processes keep your data secure.

Cube is SOC 2 Type II compliant. This means we're certified by the American Institute of CPAs (AICPA) to abide by its guidelines of ensuring the security, availability, processing integrity, confidentiality, and privacy of the customer data that we handle.

SOC 2 is especially important for our customers who deal with financial PII—so it encompasses our entire company's stack, end-to-end.

Building a trustworthy embedded analytics application requires that users accessing the same server will see only their own data.

That’s where Cube’s multitenancy support comes into play. With Cube, you can configure six forms of multitenancy, out of the box—both on the database and data schema level. This variety empowers you to curate a secure, custom UX.

Cube’s security modeling is built on the industry standard of IAAA: Identification, Authentication, Authorization, and Accountability.

We thoughtfully designed Cube this way so that with its support of JSON Web Tokens, role-based access control, Auth0 support, and log export, it could form the foundation of a secure stack on which to build modern data apps.