A secure platform with total data control. By implementing security best practices and procedures, we ensure the confidentiality, integrity and availability of our company and customer data.
Hopsworks' unique multi-tenant project model enables sensitive data to be stored in a shared cluster, while still providing fine-grained sharing capabilities for ML assets across project boundaries.
All data at rest is encrypted to prevent any unauthorized access and prevent data breaches. Our entire platform is also continuously monitored by dedicated, highly trained experienced Hopsworks staff.
Service-to-service communications employ industry standard encryption protocols to secure the transport layer such as HTTPs, RPC over TLS.
Security requirements are gathered during designing of new features and continuously evaluated during the development phase. Every patch is scanned against known vulnerabilities using the OWASP framework.
Hopsworks platform is continuously tested using unit and integration tests. We trust our engineers but we try to eliminate human error by using CI/CD pipelines for testing and deployment of new software. Key metrics of the platform are monitored throughout testing and deployment to ensure product quality and integrity.
Hopsworks is periodically evaluated by external certified security professionals. Any findings are fed back to project management and incorporated into the planning phase.
We have designed deployment patterns and best practices to make sure individual component failures do not impact the availability of the Hopsworks cluster.
Configuration policies and best practices are implemented to make sure you have a fresh copy of the data and metadata in case of necessity. There are also established procedures and best practices to restore a previous backup if needed.
Contact Hopsworks administration for compliance certificates.
Hopsworks is certified according to the ISO 27001 framework. ISO 27001 is a globally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system.
Hopsworks is certified according to the SOC2 framework. SOC 2 is a globally recognized standard and the report is based on the Trust Services Criteria (TSC), which are a set of principles developed to evaluate the security, availability, processing integrity, confidentiality, and privacy of a service organization's systems and processes.
Hopsworks prioritizes data privacy and security, ensuring full compliance with GDPR regulations. Our platform empowers organizations to implement data governance policies, monitor data usage, and enforce data protection measures, thereby safeguarding user privacy and maintaining regulatory compliance at all times.