Splunk Secure Gateway and Spacebridge Compliance Standards
Spacebridge, Splunk Secure Gateway and Splunk Cloud Gateway have been certified to meet SOC2, Type 2 and ISO27001 standards. If you are using Spacebridge with a managed Splunk Cloud deployment and have specifically purchased an applicable regulated environment, then you may transmit the applicable regulated data, including PHI and PCI data, as Spacebridge is HIPAA and PCI-DSS compliant.
Spacebridge does not leverage the FIPS 140-2 validated Splunk Cryptographic Module and may not be used in environments that require this standard. Spacebridge is not available for GovCloud or FedRAMP environments.
To learn more about SOC-2 Type 2, PCI, ISO 27001 and HIPAA standards, see Splunk Security Certifications.
Learn more about Spacebridge
Splunk Secure Gateway is a default enabled app that facilitates communication between mobile devices and Splunk Cloud and Splunk Enterprise deployments using an end-to-end encrypted free cloud service called Spacebridge. Spacebridge is hosted in US-East-1 AWS location. To learn more about Splunk Secure Gateway and Spacebridge security, see Splunk Secure Gateway security process in the Administer Splunk Secure Gateway manual.
The Spacebridge cloud service environment, and the service itself, is separate from the Splunk Enterprise and Splunk Cloud offering. Spacebridge is a free hosted service and use is subject to the Splunk General Terms available at: http://www.splunk.com/en_us/legal/splunk-general-terms.html
About the Splunk Secure Gateway security process | Choose which Splunk apps to show dashboards from in the mobile apps |
This documentation applies to the following versions of Splunk® Secure Gateway: 2.5.7, 2.7.4, 2.9.1 Cloud only, 2.9.3 Cloud only, 2.9.4 Cloud only, 3.0.9, 3.1.2 Cloud only, 3.2.0 Cloud only, 3.3.0 Cloud only, 3.4.251, 3.5.15 Cloud only
Feedback submitted, thanks!