Security is paramount at PeerDB, and we take our commitment to protecting customer data very seriously. To provide a secure and compliant platform, we adhere to strict protocols and employ various measures to safeguard sensitive information.

Compliance

PeerDB is currently compliant with the following frameworks: We are currently undergoing compliance review for the following frameworks:
  • HIPAA - Controls are being set up in place for compliance

Data Retention

PeerDB doesn’t store any customer specific data on their end: all the data that is transferred/staged, whether local or remote (S3) is transient.

Access and Isolation

Isolation

Every customer instance on PeerDB Cloud is fully isolated from other instances and all cross-instance traffic is explicitly denied by default. More details are available in the Isolation Architecture Doc on our Trust Center.

Access

PeerDB follows the Principle of Least Privilege wherever possible and requires read-only access to the source peers: no write access is needed. Any and all internal traffic/access across instances is controlled via claim-based and role-based access-control, short-lived credentials and security best-practices.

Encryption

Any data in transit is fully encrypted. Additionally customers can leverage SSH Tunneling to ensure that they don’t need to expose the public IP of the source peer/database.

Additional Security Features

IP Whitelisting

PeerDB Cloud supports IP whitelisting for secure access to your source/target peers. You can find the list of IPs to whitelist here.

SSH Tunneling for Secure Postgres Replication

We natively support SSH tunneling right from the first connection to your database. A very simple way to get started can be found here PeerDB Cloud supports AWS PrivateLink for secure and private access to your source/target peers. This ensures that your data never leaves the AWS network and is secure from any external threats. This is available on all PeerDB Cloud instances and can be enabled by following the guide here.

Additional Documents and Compliance

Our Trust Center is the best place to get an overview and to get access to more documents and compliance frameworks. Click on “Request Access” and we will grant you access shortly. All PeerDB employees follow security programs/protocols and are trained to ensure that all customer data is securely handled and isolated. These include but are not limited to:
  • Incident Response Plan
  • Security Trainings
  • MDM
  • 2FA Enforcement for each and every access
  • Timely Vulnerability Fixes and Dependency Updates
  • Intrusion Detection System
  • Automated Alerts and Alarms