How does Dynatrace protect data?

The data of our customers is at the core of our business. We strive for the best possible protection of this data. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we've put appropriate physical, technical, and organizational procedures in place to secure our systems. See below for details.

Access control

Our customers individually control access to the data that Dynatrace has access to. Only users who are members of a monitoring environment's administrative groups are able to grant or revoke access to collected data. How these roles are managed and the available options for managing access control in Dynatrace are explained in detail at How do I set up user groups and permissions?

When a customer requires support from Dynatrace, authorized Dynatrace employees (specifically, 2nd and 3rd level support representatives) can be granted access to view customer data, restricted by a strong "need to access" policy. All such authorized Dynatrace employees are bound by strict confidentiality agreements.

Monitoring & audit logging

All systems operated by Dynatrace are subject to health and security monitoring, audit logging, and automated analysis of system logs. When Dynatrace support is requested for remote installations, access to customer systems is recorded by audit logs.

Data encryption

All electronic communication sent to and from Dynatrace over HTTPS relies on TLS encryption on port 443. OneAgent and ActiveGate, which are installed on-premise, encrypt all data before they are sent to Dynatrace Server. Metric and transaction data is encrypted even while at rest, and each customer’s data is programmatically partitioned from the data of other customers.