Big News! Split is now part of Harness. Learn more at Harness and read why we are excited by this move.

Trust & Security

Security at Split

Split follows extensive practices to track and protect your data as it moves through our services.

Split Security Practices

To learn more about Split’s security practices, view our help documentation or download our Split Security Primer by clicking below.

View all Security PracticesDownload Security Primer

Split employs SSL encryption in transit, with default communications handled over TLS 1.2 security. Split keys and secrets are stored using the Amazon AWS Key Management Service, and login tokens are salted and encrypted for increased security.

Split’s production servers are hosted in AWS and subject to all of Amazon’s cloud security protocols. Split’s policies provide limited access to its production environment. Separate staging and production environments are utilized, and main datastore backups occur daily.

A third party assesses the security of the Split web application semi annually. Split addresses any findings from this assessment according to the risk they pose to the security of the Split service.

You have complete control over what data is sent back to Split. No user identifiable data is retained by default as sharing sensitive user data is not required to target features controlled by Split end users.

Split accounts provide two-factor authentication, and administrators can view the 2FA status of any user at any time. Single sign-on is available via SAML and Google account sign-in.

Role-based access controls, managed via groups, allow administrators to set permissions by-environment and by-feature for individuals and teams.

Frequently Asked Questions

Is your data encrypted? Do you have a backup plan? How are passwords stored?

Find answers to our top questions.

Read the FAQ

Create Impact With Everything You Build

We’re excited to accompany you on your journey as you build faster, release safer, and launch impactful products.