Security at Split

Split follows extensive practices to track and protect
your data as it moves through our services.

Secure Data Encryption

Split employs SSL encryption in transit, with default communications handled over TLS 1.2 security. Split keys and secrets are stored using the Amazon AWS Key Management Service, and login tokens are salted and encrypted for increased security.

Infrastructure Security

Split’s production servers are hosted in AWS and subject to all of Amazon’s cloud security protocols. Split’s policies provide limited access to its production environment. Separate staging and production environments are utilized, and main datastore backups occur daily.

Recurring Security Testing

A third party assesses the security of the Split web application regularly. Split addresses any findings from this assessment according to the risk they pose to the security of the Split service.

Designed to be secure

You own your customer data

You have complete control over what data is sent back to Split. No user identifiable data is retained by default as sharing sensitive user data is not required to target features controlled by Split end users.

Two-factor authentication and single sign-on

Split accounts provide two-factor authentication, and administrators can view the 2FA status of any user at any time. Single sign-on is available via SAML and Google account sign-in.

Industry-standard access controls

Role-based access controls, managed via groups, allow administrators to set permissions by-environment and by-feature for individuals and teams.

Frequently Asked Questions

Is your data encrypted? Do you have a backup plan? How are passwords stored?
Find answers to our top questions.