Security at DigitalOcean

Each DigitalOcean product has several security features to help you secure your infrastructure.

We abstract away the complexities of security at the infrastructure layer to give you peace of mind.

Learn how we manage, store, and protect your data, and read our certification reports.

DigitalOcean follows the most up-to-date infrastructure security controls.

Read these product guides to learn how we can work together to secure your DigitalOcean instance.

Discover these security best practice guides designed to empower you in securing your products.

DigitalOcean is AICPA SOC 2 Type II and SOC 3 Type II certified. By achieving compliance with this globally recognized information security controls framework, DigitalOcean has demonstrated a commitment to protecting sensitive customer and company information.

DigitalOcean has achieved Cloud Security Alliance (CSA) STAR Level 1 which addresses fundamental security principles across 16 domains to help cloud customers assess the overall security risk of a cloud service.

DigitalOcean is GDPR compliant and we show it through our actions. DigitalOcean uses clear and concise language in our Data Processing Agreement (DPA) and Privacy Policy and backs that up with transparent security and privacy controls.

The CBPR is a global privacy standard that an organization can certify and attest to the controls it has in place to protect the privacy of personal data. DigitalOcean aims to become one of the first cloud providers to certify to the rigid CBPR requirements.