EasyInsights doesn't store your data.
We simply read your data and hash PII in transit.
Innovative Hybrid Architecture
Your data, Your Warehouse, Your CRM
At EasyInsights, your data stays yours. We believe in empowering you to maintain full control while leveraging your existing infrastructure. Here's how EasyInsights handles your data securely:
- Queries are executed directly on your data warehouse or CRM.
- Optionally, customer data can be temporarily stored in your cloud.
- Data is seamlessly transferred to your destination without being stored by EasyInsights.
EasyInsights Architecture
EasyInsights connects directly to your data warehouse, CRM or source, offering secure options such as SSH tunnels, reverse SSH tunnels, AWS PrivateLink, or GCP Private Service Connect for private networks or virtual private clouds (VPCs). A direct connection works for most use cases, ensuring flexibility for your infrastructure.
After connecting EasyInsights to your data source, you'll define SQL-based models that specify the data to be pulled without storing it. EasyInsights define a sync that determines how data maps to a destination and sets the frequency of updates. During an active sync, EasyInsights:
- Executes the SQL query on your source
- Identifies incremental changes to send downstream
- Converts the data to fit the destination's API requirements
Customer data flows through EasyInsights only during an active sync, remaining encrypted in transit via TLS.
Data Transit details
Best Practices By EasyInsights
At EasyInsights, we prioritize secure and reliable data transit by leveraging industry best practices and advanced cloud infrastructure.
- EasyInsights uses Load Balancers to distribute incoming traffic across multiple healthy targets.
- Optionally, customer data can be temporarily stored in your cloud.
- All HTTPS traffic must use TLS 1.2 or higher to enhance the security of our Application Load Balancers (ALBs) and Network Load Balancers (NLBs).
- Older TLS versions and legacy SSL protocols are not supported due to known security vulnerabilities.
Load Balancing for High Availability
TLS 1.2 for Secure Connections
EasyInsights ensures that your data remains secure and protected at every step. We follow these best practices for protecting data in transit:
- All PII data in transit is hashed to prevent unauthorized access.
- Ensures secure communication between systems.
- Automatic Implementation to identify and mitigate unintended data access.
- Do not show users PII in product UI.
- EasyInsights securely manages request and response payloads by storing them in a cloud storage bucket after sending data to your destinations.
- Default Storage: By default, this storage bucket resides on EasyInsights-managed infrastructure.
- Custom Storage Option: You can opt to use your own cloud storage bucket within your infrastructure for added control.
Data Storage
Change Data Capture Architecture
To minimize unnecessary API requests and ensure only essential updates are sent to your destinations, EasyInsights employs a process called Change Data Capture (CDC) or diffing.:
Available Methods for Change Data Capture
- The default method, where diff computation is handled on EasyInsights infrastructure.
- Does not require WRITE access, reducing the computational load on your warehouse.
- Sync speeds are slightly slower but provide flexibility for less intensive workloads.
- By choosing the method that aligns with your performance needs and infrastructure preferences, EasyInsights ensures an efficient and secure data synchronization process.
- Performs diff computation within your data warehouse.
- Requires WRITE access to specific tables in your warehouse to store metadata from previous syncs.
- Ideal for high-volume operations, offering faster syncs for customers syncing over 1 million rows.
Basic Activation Engine (Local Diffing)
Lightning Activation Engine
