adTempus uses a comprehensive security framework that, when configured properly, offers tight control over which users have access to which data within adTempus.
adTempus stores its configuration data in a database that is under your control, and this data is generally not accessible by Arcana Development or other parties. It is your responsibility to limit access to this database to prevent unauthorized disclosure of the information it contains.
Passwords and some other sensitive data are stored in an encrypted form that reduces the chances of disclosure to others (for example, database administrators) who might view the database tables directly. However, because the same encryption key is generally used for all adTempus installations, it is possible for a determined user with access to the database (or a backup or copy of the database) to obtain and decrypt this information. Users who are concerned about this possibility should contact Arcana Development to discuss implementing site-specific encryption keys.
The database may also contain non-encrypted information that you consider sensitive, such as user account names, server names, IP addresses, file paths, etc.
In most cases your adTempus data is never accessible to Arcana Development. However, in limited circumstances we will have access:
When you provide us with database or log files, we have policies and procedures in place to ensure that:
Customers with particular concerns about sensitive data should contact us prior to providing any data, so that we can provide instructions for redacting or limiting the amount of data sent to us.
adTempus can be configured to connect to external service providers to augment the capabilities of adTempus. For example:
For such connections you must configure adTempus with the login credentials necessary to access your account with the provider, or otherwise authorize adTempus to act on your behalf (for example, through an OAuth consent process).
When you connect adTempus to a provider, the information required to connect to your account (user ID, password, access token, etc.) is stored in the adTempus database (which is under your control). adTempus will only send data to or retrieve data from these services at your direction (for example, through job or alert configuration). Data retrieved from these services is stored outside the adTempus database as configured by you (for example, in a local file). Data is exchanged directly between your local adTempus installation and the service provider, and does not pass through any computer systems controlled by Arcana Development.
In most cases, login information is never transmitted to Arcana Development, and we are therefore not able to use these credentials to access your accounts. In limited circumstances, access credentials and incidental information about your use of the service providers may be transmitted to Arcana Development while we are providing support services to you, as discussed in the Access by Arcana Development section above.