As an in-memory data store that is built for modern cloud workloads, enterprise-grade security and compliance have been an important part of the way we've built Dragonfly from day one.
With the latest announcements of SOC 2 Type 2 compliance, Role-Based Access Control (RBAC), and Access Control List (ACL), in addition to existing features such as the ability to establish private connections to dedicated infrastructure, Dragonfly Cloud is now ready for enterprise data workloads. For complete details on all the security features and policies Dragonfly has in place, please visit our security portal.
SOC 2 Type 2 Compliance
SOC 2 is a voluntary security compliance standard for companies with cloud-based products, specifying how they should manage customer data. The compliance guidelines are set by the AICPA (American Institute of Certified Public Accountants), ensuring all relevant services are secure, available, and confidential and that information security best practices are in place.
At Dragonfly, our SOC 2 report is official proof that we comply with the globally recognized information security framework and protect our customers' data using only the best practices among our business operations, infrastructure, policies, and procedures.
Our customers trust us with their data, and so our SOC 2 compliance demonstrates our concrete data security measures and that our customers can place full trust in our software.
Demonstrating a SOC 2 report to our customers, prospects, and stakeholders proves our commitment to only the highest security standards and shows they're partnering with a company that takes information security seriously.
The controls we implemented are built around our specific infrastructure, software, processes, people, and data and relate to:
- Remote Onboarding of Employees
- Cloud Infrastructure Security
- Risk Management
- Access Control Restrictions (Including Strict Password Enforcement)
- Multi-Factor Authentication
- User Access Review
- Threat Detection
- Change Management Procedures
- Assets Management
- Data Encryption
- Secure Development and More
Role-Based Access Control
Role-Based Access Control (RBAC) is table stakes for any enterprise application. Dragonfly Cloud's RBAC implementation gives customers fine-grained control over who within their organization has access to various functions related to provisioning infrastructure, viewing and monitoring resources, managing users, and more. Examples including details on the various roles and what access each one has are available in our documentation.
Access Control List
The Dragonfly project provides a Redis-compatible API to manage the access of different applications and client connections to your Dragonfly data store. Documentation for the supported commands and flags can be found here.
Today we're excited to announce that ACLs are also supported for workloads running in Dragonfly Cloud. Dragonfly Cloud customers can now update the ACL rules of their data stores from the Dragonfly Cloud console, and Dragonfly Cloud will configure those rules across both master and replica data stores. These rules will be automatically maintained and persisted across updates to the data stores. Full documentation is available here.
As we continue on our mission to power the data infrastructure for the best applications in the world, security is paramount. For all the Dragonfly Cloud customers who trust us with their data, thank you. If you are not a Dragonfly Cloud customer yet and would like to try it out, you can sign up here.
