As an AWS Advanced Technology Partner, CloudRanger is bound by the AWS Well-Architected Framework. AWS audits their partners against this framework, which has a heavy focus on security.
CloudRanger follows all best practice security protocols recommended by AWS. CloudRanger's access to your AWS region is controlled by AWS Identity and Access Management (IAM).
You can create IAM users and groups under your AWS account, assign security credentials to each, and limit each user's access. All of our clients' data remains within their own AWS region. There are configuration data items such as snapshot tags and instance id's which CloudRanger needs in order to manage client requests.
All data is encrypted, both at rest and in transit. CloudRanger's own AWS region is hosted within a private VPC. Login to the CloudRanger AWS account is protected through multi-factor authentication with admin rights limited to only three members of the CloudRanger team.