ThoughtSpot Trust Center

Security

Trust is paramount when it comes to your data. At
ThoughtSpot, we've built the ThoughtSpot Agentic Analytics
Platform with robust, enterprise-grade security as
its foundation. The safeguards we’ve implemented are
validated through demanding technical assessments,
independent certifications, and the ongoing implementation
of stringent security practices, providing you with the
confidence that your data remains secure and protected.

Anthony Lee-Masis
ThoughtSpot
Chief Information Security Officer

At ThoughtSpot, protecting our customers’ data is our top priority. Our security program combines industry-leading practices with a culture of accountability to keep your information safe and private. Your trust is essential to us, and we are dedicated to earning it every day by making security not just a feature, but the foundation of our relationship with you.

Secure By Design

Your data is protected at every step with strong encryption and careful key management, ensuring its confidentiality and integrity. We've built security into our platform from the start and guarantee a secure data removal process if you ever decide to leave.

Secure Development Lifecycle (SDLC)

Security is embedded into every stage of our software development lifecycle. From secure design principles to rigorous code reviews and security testing using SAST and DAST tools, security is built into our platform from the ground up.

Encryption

Your data is safeguarded both in transit and at rest with robust, industry-leading encryption. We employ TLS for data transmission and AES-256 encryption for stored data, protecting data against unauthorized access and data breaches.

Advanced Key Management

We use a key management system (KMS) to manage and protect encryption keys. Our robust key lifecycle management includes secure key generation practices and strict access controls ensuring the confidentiality and integrity of your data.

Account Termination

The security of your data remains paramount throughout our relationship and beyond. If you decide to no longer use ThoughtSpot, we ensure a secure and complete removal of all your data and your ThoughtSpot environment from our systems.

Vulnerability Management

ThoughtSpot vulnerability management program tracks remediation of identified vulnerabilities based on industry-leading timeframes to ensure vulnerabilities are remediated quickly and effectively.

Customer Control

You have control over your data in the ThoughtSpot Intelligence Platform, from selecting the data sources and residency regions to setting detailed access privileges and security rules. Sharing is secure and flexible and activity logs provide transparency into what happens.

Data Source Selection

Customers choose the data warehouses that are connected to ThoughtSpot Cloud and can select only relevant data tables and columns to make them available for analysis. Data transit can be further secured through VPN, private connectivity, or proxy connections.

Flexible Data Residency Options

ThoughtSpot understands the importance of data residency and offers options to select data residency regions based on your organization's needs and compliance requirements. We provide transparent data residency policies and support global data privacy regulations.

Privileges

Users in ThoughtSpot Cloud can be assigned roles, groups, and privileges to differentiate and tailor access and available actions.

Content Sharing

ThoughtSpot Cloud is your own private working environment. When ready to share your work with others, you can share queries, Liveboards, and any data you upload with the ability to revoke access to previously shared content as needed.

Data Security Rules

Set granular object, column, row-level security rules to control what users are permitted to see.

Active Audit Logs

You have access to user login and activity logs that are secured and monitored for anomalies.

Secure Authentication

ThoughtSpot supports multi-factored authentication and single-sign on via SAML and OIDC compliance identity providers.

Secure Operations
and Facilities

We protect your data through tightly controlled access for our personnel, supported by thorough background checks and ongoing security education. Our state-of-the-art, highly-available infrastructure providers are designed to protect your information and maintain continuous service.

Least Privilege Access

All employees are provided access to systems and data using the principle of least privilege. Access requested beyond standard role-based access must be requested and approved with valid business justification.

Granular Access Management

ThoughtSpot leverages Role-Based Access Control (RBAC) to provide fine-grained control over user permissions, ensuring that access is granted based on roles and responsibilities and adhering to the principle of least privilege.

Trusted Personnel & Practices

Our commitment to security extends to our personnel. We conduct pre-employment background checks for security-sensitive roles and provide comprehensive security awareness training to all employees. Confidentiality agreements are in place to protect your sensitive information.

Secure Cloud Environments

ThoughtSpot’s modern cloud environments are designed for scale and elasticity, while ensuring your data is protected against unauthorized breaches or data loss.

Redundant Infrastructure

ThoughtSpot’s data centers are designed to anticipate and tolerate failure while maintaining service levels. In case of failure, automated processes move traffic away from affected services with enough capacity to load-balance traffic.

Governance and
Compliance

ThoughtSpot operates with strong security policies and governance, ensuring continuous oversight and accountability, complemented by regular security training for all employees. We demonstrate our commitment through comprehensive risk management practices and adherence to key industry compliance certifications like SOC 2 and ISO 27001.

Security Policies & Governance

ThoughtSpot operates under a comprehensive framework of documented security policies, reviewed and updated regularly to address evolving threats. Our security governance structure ensures executive-level oversight and accountability for security across ThoughtSpot.

Security Training

ThoughtSpot provides security training to help employees minimize risk. Employees must complete information security training upon hire and quarterly thereafter.

Risk Management

ThoughtSpot performs information security risk assessments as part of a risk governance program that regularly tests, assesses and evaluates the effectiveness of ThoughtSpot’s security practices.

Security Compliance

We adhere to rigorous industry standards which are demonstrated through the security controls and compliance certifications we maintain, including: SOC 1, SOC 2, SOC 3, ISO 27001 and CSA Star Level 1.

ThoughtSpot Trust Center

We lead with transparency, ethics, deep listening and delivering on our commitments.

Learn more

Enterprise-Grade AI

Trusted, enterprise-grade AI enables faster, better decision-making.

Learn more

Privacy & Compliance

Safe and transparent customer data management policies that are aligned with data privacy regulations.

Learn more