Skip to main content
Data Protection
How is my data protected from other clients?
Clients are isolated in unprivileged Docker containers and only have access to their own data. Each container is completely separate from others on the same host machine with:
- Separate namespaces and cgroups
- Network isolation
- File system isolation
- Process isolation
How is my data protected from providers?
Provider security varies significantly:
- Tier 4 datacenters have extensive physical and operational security
- Individual hosts may have less formal security measures
For maximum security:
- Use Secure Cloud certified providers only
- Encrypt sensitive data at rest
- Don’t store credentials in instances
- Use external key management
What is Secure Cloud?
Secure Cloud providers are vetted datacenters with:
- ISO 27001 certification
- Tier 3/4 datacenter standards
- Verified physical security
- Professional operations
Enable the “Secure Cloud” filter when searching for instances to see only these providers.
Account Security
How do I secure my account?
Best practices:
- Use a strong, unique password
- Regularly rotate API keys
- Monitor account activity
- Use separate API keys for different applications
- Review billing regularly for unusual activity
What if my API key is compromised?
Immediately:
- Delete the compromised key in Settings
- Generate a new key
- Update all applications
- Check billing for unauthorized usage
- Contact support if you see suspicious activity
Network Security
Are connections encrypted?
Yes, all connections use encryption:
- Web interface: HTTPS with TLS
- SSH: Encrypted by default
- Jupyter: HTTPS with self-signed certificates
- API: HTTPS required
Can I restrict network access to my instances?
Network restrictions depend on the host configuration. Some options:
- Use SSH key authentication (no passwords)
- Configure firewall rules in your container
- Select providers with static IPs for IP whitelisting
Best Practices
Security checklist for sensitive workloads
