Our development processes, operations, and infrastructure follow a comprehensive set of security policies that are reviewed at least annually and communicated to all employees. These policies ensure confidentiality, integrity, and availability of our systems and enable us to provide the best possible service to our customers. This page provides an overview of the measures we've taken to secure our hosting environment.
Data hosting & storage
Dynatrace runs in the Amazon cloud. Amazon Web Services' (AWS) certified cloud infrastructure security measures provide a high degree of data protection. AWS guarantees physical access controls, hypervisor protection, and secure decommissioning of instance data.
Permissions & authentication
Direct access to AWS services by our employees is carefully regulated based on multi-factor authentication. Permissions are granted on a "need to access" policy following a thorough approval process.
Failover & backups
For backup purposes (and for high availability across multiple data centers) we operate clusters in multiple AWS availability zones. Although captured monitoring data is mirrored to multiple availability zones, a customer's data will never be sent outside of the originating geographic region (United States, European Union, or Australia). For example, monitoring data captured in Ireland remains in the EU as Irish backups are mirrored to clusters in Germany.
All systems we run are subject to permanent health and security monitoring.
The attack surfaces of our services are minimized based on automated vulnerability scans, regularly conducted external and internal penetration tests, as well as external and internal bug-bounty programs.
We continuously monitor the security of our hosting environment. In case of security incidents, we thoroughly evaluate detected problems and the underlying root causes. We then define and implement countermeasures and required improvements.
Training & awareness
All Dynatrace employees undergo annual security-awareness training.