Skip to main content
Skip to main content
NewSimplified cost tracking for startups.Start now
CloudAct.ai
Enterprise Security

Security at CloudAct.ai

Your data security is our top priority. We implement industry-leading security measures to protect your cloud cost information.

PrivacyTermsSecurityCompliance

Important Security Recommendation

We strongly recommend using READ-ONLY API keys and credentials at all times when connecting your cloud providers to CloudAct.ai. Read-only access is sufficient for cost monitoring and analytics, and minimizes security risk in the unlikely event of any security incident.

Encryption

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Encrypted credential storage

Access Control

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • SSO integration support

Infrastructure

  • Google Cloud Platform hosting
  • Isolated tenant environments
  • Regular security audits

Monitoring

  • 24/7 security monitoring
  • Intrusion detection systems
  • Automated threat response

Your Security Responsibilities

Security is a shared responsibility. While we implement robust security measures, you are responsible for:

  • Using read-only credentials — We strongly recommend read-only API keys for all integrations
  • Credential management — Regularly rotating and securely storing your credentials
  • Access management — Properly managing who has access to your CloudAct account
  • Reporting incidents — Promptly reporting any suspected security issues

Liability Disclaimer

CloudAct.ai assumes zero liability for any data breaches, security incidents, or unauthorized access arising from:

  • Use of credentials with write or administrative permissions
  • Third-party cloud providers or integration services
  • Your failure to implement recommended security practices
  • Cyberattacks or malicious activities beyond our control

Note: CloudAct.ai is compliance-ready (SOC 2 Type II readiness, GDPR/CCPA aligned, ISO 27001 aligned) but is not yet formally certified under these standards.

For maximum security, we strongly recommend deploying CloudAct.ai within your own cloud VPC via our Enterprise plan. This ensures all data processing occurs within your controlled environment. Contact our sales team at sales@cloudact.ai for Enterprise and VPC deployment options.

Report a Vulnerability

If you discover a security vulnerability, please report it responsibly. We take all security reports seriously and will respond promptly.

Security Contact

security@cloudact.ai
CloudAct Inc.100 S Murphy Ave, STE 200 PMB4013
Sunnyvale, CA 94086
United States
Privacy PolicyTerms of ServiceCompliance

Questions About Security?

Our security team is here to help you understand how we protect your data.

Contact Security TeamView Compliance