We’re Serious About Security
We understand that your unstructured data is important to your business. Learn more about how we ensure your data is secure, protected, and available.
End-to-end data security
We value your trust and strive to deliver a reliable vector database platform. Please read about our Data Protection and High Availability philosophy for your Embeddings in your Zilliz cloud instance.
Our serverless, single-tenant architecture guarantees world-class reliability and data privacy.
Data and Application Security
Security is paramount in everything we do, from our product, to the way we run our business, to how our employees prioritize security.
We are SOC2 (Type2) Compliant. Zilliz follows strict policies and procedures that meet all the Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. Check out the trust report for more information.
Zilliz’s entire foundation is optimized to guarantee high performance, resilience, and efficient application infrastructure while and reduce security risk.
Zilliz Cloud is a cloud computing platform that provides its customers with physical isolation via resource groups and multi-tenancy features. In addition, Zilliz provides better uptime and reliability by storing customer data in separate instances.
Security Incident Response
Once a security vulnerability is detected, appropriate staff at Zilliz Cloud are assigned to fix it immediately. In addition, version upgrades and security patching are completed automatically for our customer databases. Finally, Zillis sends notifications after the event.
Zilliz commits to 99.9% service uptime through our SLA. Read more about our system availability.
Data and Application Security
Zilliz's security-first culture puts security and trust at the forefront of every part of our business.
Data at rest in Zilliz Cloud is encrypted using the cloud provider's infrastructure-level disk encryption. In addition, dedicated customers can bring their managed key from their cloud provider's key management service to further encrypt the AWS & GCP cluster data using file-based encryption.
Data in transit
All traffic between the Zilliz Cloud vector database and client-server communications is encrypted using TLS. In addition, the database uses TLS 1.3 digital certificates for inter-node and client-server authentication, which require a Certificate Authority (CA), keys and certificates for nodes, and passwords or tokens for clients.
Data access & recovery
Zilliz Cloud uses a role-based access control (RBAC) permission system to ensure that only authorized personnel can access your data. We offer data backups and a data recovery bin to assist you in the event of accidental deletion or data corruption.
Zilliz Cloud service with the assumption that specific controls will be the responsibility of its customers.
The following is a list of recommended controls to reduce risk and enhance security when using the service. Customers are responsible for:
Adding and managing user accounts, credentials, and access rights to the cloud console and their databases.
Responsible for the strength of the passwords they choose for signing into the Zilliz Cloud console or their databases.
Identifying approved contact points to coordinate with Zilliz Cloud. The Support team may reach out to the designated contact to validate requests.
Validating the accuracy and completeness of data contained in their environment.
Data confidentiality controls at their organizations, such as segregation of duties and (non-)disclosure of information at the customer organization.
Alerting Zilliz Cloud of security incidents when they become aware of them.
Implementing Zilliz Cloud-provided network security and data protection capabilities in Zilliz dedicated when customer data includes PII, PHI, or other sensitive data.
File a security report
If you believe you have discovered a security or privacy vulnerability in Zilliz Cloud, please contact email@example.com