Cloud Platform

Security and IP

Introduction

You own all your intellectual property and your code. Your code is private by default unless you explicitly share it with the community in the forums or with another team member via collaboration. You are creating valuable intellectual property, and we respect this and wish to make it easier. We limit the QuantConnect staff members who have access to the database. If we ever need access to your algorithm for debugging, then we will explicitly request permission first.

Intellectual Property

The following sections explain our commitment to protecting your intellectual property.

Ownership

You own all your intellectual property and your code. Your code is private by default unless you explicitly share it with the community in the forums or with another team member via collaboration. You are creating valuable intellectual property; we respect this and wish to make it easier. We document this publicly in our Terms of Service.

Alignment

Beyond words and our legal terms of service, we live this through the alignment of our business model with you, our clients. We aim for you to become more successful, thereby growing within our ecosystem. We've served start-up quant funds as they've grown from $0 to $1B+ AUM.

Reputation and Track Record

Established in 2012, we have a pristine reputation and a 10+ year record of protecting our community's intellectual property. We have served more than 200,000 clients. If we were to violate the trust of even a single client, we'd lose the entire community's faith - it is simply not worth it. We seek to change the future of finance and are driven by this mission.

Sharing

QuantConnect provides support with a specific support agent, not an anonymous team. When submitting a support ticket, you explicitly grant that team member access to your project. You can remove the support agent from your project collaboration at any time.

Security

We take a multi-level approach to security, from physical security to digital and information systems, internal processes, and testing.

Physical Security of Servers

Physical access to our servers is limited to a few dedicated team members whom QuantConnect has vetted. Only those credentialed team members can access the physical servers, and we schedule all work in advance. Work on the servers is always done in pairs to prevent single rogue actors from accessing the servers. We host our servers in a world-class security facility (Equinix) with security staff 24/7.

Information and Digital Security

We use all good common sense information security processes: passwordless servers, encryption in the database and backups, encrypted traffic, and network monitoring. We keep most of our servers off the internet and only available on private networks for the smallest possible surface area. We have regular network and code penetration testing. All code is containerized and isolated in services so that root network access would provide little-to-no benefit.

Beyond these basics, we've built active monitoring technology that proactively detects and blocks threats. We have human detection services to reduce the chances of brute-force attacks. We have documented processes for client notifications in the event of strange network activity.

Processes

Deployment environments are automated and enforce code peer-review to be deployed, reducing the chances of a rogue internal agent.

We limit staff access to the physical servers, restricting core database access to only a handful of senior staff. Database credentials are carefully restricted in scope, access locations and frequently rotated.

Privacy

Protecting users' private and intellectual property is of utmost importantance to us. QuantConnect complies with GDPR and all relevant privacy laws. We will never sell or publish your email address. We request knowledge of your real identity to ensure compliance with our data licenses but accept using an alias on public profiles for privacy. For more information about what data we collect, which tracking technologies we use, and how we use and share your data, see our Privacy Policy.

Code Encryption

When the above processes and track record are insufficient, we offer ways to encrypt your code while working on the QuantConnect platform. Our encryption feature uses a locally hosted key to encrypt code at rest in our database with AES256 encryption. In case of a compromised database or rouge agent, your code would not be readable. For more information on this feature, see Project Encryption.

On-Premise Installations

QuantConnect technology can be installed fully on-premise, fulfilling the requirements of even the strictest compliance departments. This technology, called the Local Platform, provides the same user interface as our cloud environment with support for fully offline "anonymous" project development. For more information on this feature, see the Local Platform.

You can also see our Videos. You can also get in touch with us via Discord.

Did you find this page helpful?

Contribute to the documentation: