As part of DigitalOcean’s shared responsibility model, you are responsible for securing the data you store on DigitalOcean’s Volumes Storage service. To ensure data can only be accessed by the proper users and applications, we encourage you to secure and encrypt all data stored on Volumes to the level appropriate to help you meet your security requirements.
For data security purposes, we recommend that you protect your DigitalOcean account credentials and set up individual user accounts with DigitalOcean Teams and secure with two-factor authentication.
Data on Volumes is encrypted at rest, which helps to minimize the risk of a data breach via malicious hardware access. If you are concerned about the privacy of the data stored on Volumes, and would not want this data accessible in the event of a data breach (e.g. Droplet SSH key is stolen), then you can create a file system in a LUKS encrypted disk on your Volume. This means that the disk will need to be decrypted by the operating system on your Droplet in order to read any data. For more information, please review our guide: How to Create an Encrypted File System on a DigitalOcean Block Storage Volume.
Under certain compliance regimes like the Health Insurance Portability and Accountability Act (HIPAA) in the United States, you may be required to encrypt certain data at rest. If HIPAA is applicable to your business, please ensure you visit our HIPAA information site to learn more.
DigitalOcean does not currently offer logging and monitoring services for Volumes. If you require additional logging and monitoring, please identify your requirements and consider third-party services like Papertrail, Logtail, or Datadog.
Volumes are audited by third-parties as part of DigitalOcean’s SOC 2 Type 2 report. For details on how to request access to this report, please visit our Trust Platform Certifications page.
As an infrastructure as a service offering, DigitalOcean maintains the security of the infrastructure Volumes is hosted on. For more details, please review our Infrastructure Security Overview page.
Volumes include a 99.99% uptime SLA as outlined in our Volumes Block Storage Service Level Agreement (SLA). Under certain compliance regimes like the Health Insurance Portability and Accountability Act (HIPAA) in the United States, you may be required to build your services using a highly available configuration. If HIPAA is applicable to your business, please ensure you visit our HIPAA information site to learn more.
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.