TROCCO Security Matters
  • 17 Jul 2024
  • PDF

TROCCO Security Matters

  • PDF

Article summary

On this page, you will find answers to some of the most frequently asked questions we receive regarding TROCCO's security.
Please refer to our website for our privacy policy.

TROCCO Security Matters

Network Security

TROCCO data transfer takes place within a virtual private cloud (VPC) environment. In addition, data in transit is basically protected by TLS.

Data Retention

TROCCO essentially does not retain your data. However, data may be retained in the following cases

  • When executing the ETL pipeline, data is temporarily stored for the purpose of data transformation. This data is deleted when the container built to run the job is deleted after the job is completed.
  • If Delete Data Preview isdisabled, the data for preview is stored in TROCCO. If you do not want TROCCO to store the data for preview, please enable****Delete Data Preview.

Dedicated Container

Whenever data is transferred using TROCCO, a new container is created. Thus, the data to be transferred is isolated from other customer data. When the transfer is complete, the container used to execute the job is deleted.

User passwords and credentials

TROCCO uses AWS Key Management Service (KMS) to encrypt and decrypt data to protect sensitive information such as passwords and authentication information. These sensitive information are stored in a database isolated from the Internet.

Login Status Retention Period

The retention period for login status is 48 hours.
After 48 hours from the last time TROCCO was operated, it will automatically enter a logout state.
This minimizes the risk of unauthorized use of TROCCO in the unlikely event that your device is misused by a third party.

Cloud Hosting Platform

All of our infrastructure operations and environment hosting is done on Amazon Web Services (AWS). In addition, AWS data centers adhere to the highest security standards, including

  • SOC 1/ISAE 3402, SOC 2, SOC 3
  • PCI DSS Level 1
  • ISO 9001, ISO 27001, ISO 27017, ISO 27018

For more information on AWS security, see AWS Security and compliance.


TROCCO supports a variety of connection methods to enhance security when connecting to source and destination connectors, including

* AWS PrivateLink is a paid option.

Company Policy

We require all employees to adhere to internal security protocols to protect customer data. Regular checks are conducted to ensure that all existing and new employees are in compliance with internal security protocols.

In addition, strong password management best practices are in place within the company. Employees are required to log in using two-factor authentication to access systems related to TROCCO.

User Access and Authorization

Role-based access control and user management are supported by the Team function*. Using the team function, access control settings can be applied to each of the various settings related to data transfer, data processing, workflow, etc.

* Team functionality is a paid option.

SSO with SAML authentication*.

TROCCO supports Single Sign On (SSO) to centrally and securely manage access to accounts. For added security, password login can be disabled. For information on how to set up SSO with SAML, see About SSO with SAML Authentication.

* SSO with SAML authentication is available for Essential plans and above.

Authentication Information

ISO 27001

We have acquired an Information Security Management System (ISMS) compliant with ISO/IEC 27001:2013.

AWS ISV Accelerate Program

TROCCO has cleared AWS Foundational Technical Review. This means compliance with specific guidelines and best practices set forth by AWS. This means that TROCCO is a service committed to securely managing your data and its operations within the AWS ecosystem.

Supports AWS PrivateLink

TROCCO is an AWS PrivateLink Ready Partner and has passed AWS technical validation. AWS PrivateLink allows you to build a secure network that connects data to its source and destination without exposing it to the public Internet. For more information, please visit our AWS Partner page.


We are currently in the process of obtaining GDPR and SOC 2 compliance.

Frequently Asked Questions

What infrastructure and cloud platforms does TROCCO use?

TROCCO's infrastructure and environment are hosted on Amazon Web Services (AWS).

Can TROCCO be installed on an on-premise server?

No. The company is not a member of the National Association of Schools and Colleges of America. TROCCO is a cloud-based SaaS solution and does not support on-premise versions.

What security protocols or measures does TROCCO employ to prevent outside access to TROCCO's systems?

There are several firewalls that restrict access to our system from external networks.

What security standards does TROCCO comply with?

Currently, TROCCO is ISO 27001 compliant. We are also in the process of obtaining GDPR/SOC 2 compliance.

Where can I find TROCCO's privacy policy regarding the handling of personal information?

Please see our Privacy Policy.

What connection methods does TROCCO support?

Various connection methods are supported, including SSH tunnels, AWS System Manager Session Manager, and AWS PrivateLink.

Does TROCCO support IP permission restrictions?

Yes. TROCCO allows you to specify the IP addresses from which you can access your account. IP addresses that are not allowed access will not be able to access your account.

What login and authentication methods does TROCCO offer?

Supports Single Sign On (SSO) using user and password authentication methods and SAML authentication.

Is two-factor authentication (2FA) supported?

Yes. Two-factor authentication can be enabled within TROCCO.

Does TROCCO support SSO?

Yes. To secure access, SSO using SAML authentication can be set up in TROCCO. Additionally, password login can be disabled for added security.

Does TROCCO support role-based access control?

Yes. TROCCO supports role-based access control and user management through the Team function*. Using the team function, access control settings can be applied to each of the various settings related to data transfer, data processing, workflow, etc.

What will TROCCO do in the event of a data breach?

From the time of service launch to the present, TROCCO has experienced no data breaches. In the unlikely event of a data breach, it is our policy to immediately notify users and continue to provide updated information as the situation warrants.

Does TROCCO encrypt data in transit?

Yes. TROCCO uses a secure TLS connection to encrypt data between the external connector and our platform.

Does TROCCO encrypt stored data?

Yes. AES256 encryption is enabled in our AWS database.

Where does TROCCO's data processing take place?

Currently, TROCCO is built in the following two AWS regions

  • Tokyo Region ( ap-northeast-1 )
  • Mumbai Region ( ap-south-1 )
  • Seoul Region ( ap-northeast-2 )

Each region's TROCCO is built independently and does not share infrastructure, environment, or data.
TROCCO's data processing takes place in the data centers of the respective AWS regions.
No data handled by the customer is processed in a data center in a different region.

The number of AWS regions where TROCCO will be built will be expanded in the future.

Can I choose which region of TROCCO to use?

For customers in Japan, we will issue an account at TROCCO, which is located in the Tokyo Region,
Of course, it is also possible to issue accounts at TROCCO built in other regions.
In such cases, please consult with our sales representative or Customer Success before issuing an account.

How are credentials and passwords handled by TROCCO?

TROCCO uses the AWS Key Management Service (KMS) to encrypt and decrypt data. These sensitive information are stored in a database isolated from the Internet.

Does TROCCO perform third-party vulnerability assessments?

Yes. TROCCO regularly conducts third-party vulnerability assessments.

What should I do if I discover a vulnerability related to TROCCO?

Please contact your sales representative or Customer Success.

If you have any other questions about TROCCO's security, please contact us.

Was this article helpful?