As part of DigitalOcean’s shared responsibility model, you are responsible for securing data stored on our services.
For data security purposes, we recommend that you protect DigitalOcean account credentials and set up individual user accounts with DigitalOcean Teams to help maintain proper access for your services. We also recommend that you secure your data in the following ways:
Review the How-To Secure guide for your cluster: MongoDB, MySQL, PostgreSQL, Redis
Add standby nodes: MongoDB, MySQL, PostgreSQL, Redis
Set up automatic updates: MongoDB, MySQL, PostgreSQL, Redis
Applying additional redundancy to your database cluster
Monitoring disk usage to ensure a scale-up is promptly performed
Accessing your security posture and determining if DigitalOcean’s managed databases are the appropriate solution. DigitalOcean is not HIPAA compliant, therefore, healthcare organizations should consider an alternative.
Managed Databases support an application firewall that allows the user to configure from which sources a connection can be made to the managed database instance.
Data in all Managed Database clusters is encrypted at rest with LUKS (Linux Unified Key Setup).
Managed Database customer instances connections occur over TLS/SSL, which provides encryption of traffic in transit between the customer applications and the customer managed databases.
Please review the Monitoring Guide for your database:
Managed Databases are audited by third-parties as part of DigitalOcean’s SOC 2 Type 2 report. For details on how to request, please visit our Trust Platform Certifications page.
As a platform as a service offering, DigitalOcean maintains the security of the infrastructure Managed Databases is hosted on. For more details, please review our Infrastructure Security Overview page.
Please review the following Availability documentation for your database:
Service instances and the underlying VMs use full volume encryption using LUKS with a randomly generated ephemeral key per each instance and each volume. The key is never re-used and will be trashed at the destruction of the instance, so there’s a natural key rotation with roll-forward upgrades. We use the LUKS default mode aes-xts-plain64:sha256 with a 512-bit key.
Backups are encrypted with a randomly generated key per file. These keys are in turn encrypted with RSA key-encryption key-pair and stored in the header section of each backup segment. The file encryption is performed with AES-256 in CTR mode with HMAC-SHA256 for integrity protection. The RSA key pair is randomly generated for each service. The key lengths are 256-bit for block encryption, 512-bit for integrity protection, and 3072-bits for the RSA key.