Security and trust are top priorities
Grafana Labs maintains high standards of data privacy and security by implementing:
- Life Cycle Management of Users (LCM) which include Security Training
- Best practices for internal Data Loss Protection (DLP)
- Multi-factor authentication (MFA/2FA)
- Regular infrastructure vulnerability assessments
- Independent third-party penetration testing and independent audits
Grafana Labs development includes continuous integration, detailed hange management policies, static code analysis and vulnerability analysis.
Securely store, visualize and alert without the headache of scaling or managing your own monitoring stack.
Grafana Cloud is a fully managed observability platform that makes it easy to collect, analyze and alert on metrics and logs all within Grafana.
Grafana Labs is committed to maintaining the highest standards of data privacy and security. By implementing industry-standard security technologies and procedures, we help protect our customers’ data from unauthorized access, use, or disclosure.
SOC 2 Certification
Completing an independent third-party audit with A-LIGN for SOC 2 Certification Conducted yearly
PCI Security Standards Council
Maintains PCI Compliant through third-party approved scanning vendors (ASV) Conducted quarterly
Maintains Microsoft Supplier Security and Privacy Assurance (SSPA) status Conducted yearly
General Data Protection Regulation Data Processor Agreement (DPA) available and DPO Requests should be sent to firstname.lastname@example.org for information
EU-U.S. Privacy Shield Framework
Pending compliance with the EU-U.S. Privacy Shield Framework
Cloud Security Alliance (CSA)
Completed CSA Security Trust Assurance and Risk (STAR) program Additional certification pending for CAIQ/CCM
‘A’ grade for SSL/TLS
Independent ‘A’ grade for SSL/TLS, and encrypts data at rest and in transit