How is Dynatrace hosting secured?

Dynatrace runs on the Amazon Web Services (AWS) cloud-computing service. Because Dynatrace is hosted in the AWS cloud, it benefits from Amazon’s secure, world-class data centers, which are certified for ISO 27001, PCI-DSS Level 1, and SOC 1 / SSAE 16. For full details, please review the AWS security policy. Dynatrace maintains server clusters in the following regions: US East (Virginia), US West (Oregon), European Union (Ireland), and Asia Pacific (Sydney).

Because Dynatrace is a highly reputable SaaS and cloud-based service that must offer continuous service even during unexpected server outages, Dynatrace architecture is designed around the goals of redundancy, security, and “always on” availability. If one Dynatrace Server node fails, other nodes immediately take over and Dynatrace launches new nodes to replace the failed nodes. Even when an entire data center fails (an “availability zone” in AWS terms), nodes in other data centers immediately compensate for the failure and there is no disruption to your Dynatrace service. For example, an AWS outage on the Sydney cluster in June 2016 was completely compensated for by our redundant architecture and there was no disruption to Dynatrace service. With this approach, Dynatrace is able to guarantee availability of at least 99.5%.

Note: All monitoring data captured by Dynatrace remains the property of our customers. While we mirror captured monitoring data to other AWS availability zones for backup purposes (in support of high availability across multiple data centers), your monitoring data will never be sent outside of your geographic region (United States, European Union, or Australia). For example, monitoring data captured in Ireland always remains in the EU because the Irish backups are mirrored to a cluster in Germany. With this approach, if one data center fails, we still have a quorum and the servers in other data centers of the same region can take over.

Our security team relies on industry best practices such as encrypted transmissions, cross-site scripting prevention, protection against code or SQL injection, hardening against DoS attacks, firewalls, regular security updates, security scans, and vulnerability assessments to ensure the security of your data. Additional security measures such as physical-access restrictions and secure decommissioning of data storage are managed by AWS.