Security
Security is at the core of everything we build. We’re committed to safeguarding your data and infrastructure by investing in the necessary tools, training, and support. Learn more about how we bake security into our solutions and platform.
HashiCorp Cloud Platform roles/responsibilities
Security of the HashiCorp Cloud Platform (HCP) is a shared responsibility between HashiCorp and the customer. This shared model can help reduce the customer's operational burden, as HashiCorp manages and controls certain components of the system, such as management of the operating system (e.g. updates and security patches), while the customer assumes the responsibilities and management of access management, multi-factor authentication (MFA), and configuration of access control lists (ACLs). As HCP is run entirely out of the public cloud, there are certain components that they are responsible for, such as physical security of the facilities in which the service operates. Customers should carefully review the model outlined below to better understand the specific responsibilities that are under the customer's control.
The Shared-Responsibility Model
It's important to distinguish between the security of the cloud versus security in the cloud. The former is the responsibility of HashiCorp, while the latter is the responsibility of the customer.
Before diving into the details, there is one important aspect to consider, which is the inherited security controls from the public cloud provider. In this case, the public cloud provider manages the physical and environmental controls — meaning they are responsible for anything related to the physical data center and relevant controls.
As for the security of the cloud, this responsibility lies with HashiCorp. This includes controls related to high availability, vulnerability and patch management, upgrade cycles, backups, authentication, and authorization mechanisms.
The customer, on the other hand, is responsible for the security in the cloud, meaning user access management, roles and permissions, configuration of ACLs, and proper data governance.
Note: The term application referenced throughout this document refers to HashiCorp SaaS services or fully managed services
Shared Responsibility Model for HCP
| Responsible for: | Responsibility | |
|---|---|---|
| Customer | Security in the application | - Information and data transferred to/from HCP - User access, accounts, and identities - Roles and permissions - Control of when to update to major versions of HashiCorp services - Multi-region availability |
| HashiCorp | Application security in the cloud | - Application management - AuthN and AuthZ mechanisms - Backups - Operating system - Virtual network controls (segmentation) and firewalls - Encryption at rest and in transit - Software upgrades, bugs, and fixes |
| Public Cloud Provider | Security of the cloud infrastructure | - Platform and supporting applications - Compute resources - Physical (hosts, network, DC) - Physical networking - Storage |
HCP data collection and storage
HCP, like any Software-as-a-Service (SaaS) provider, collects and stores data. This section breaks down what data is being collected, why it's being collected, and where it's stored.
First, data is collected in the control plane, which is responsible for orchestrating the entire lifecycle of a cluster: creation, upgrades, snapshots, and, finally, destroying the cluster.
Second, data is collected in the data plane, which is where our customers are able to customize the clusters, utilize the cluster, and request audit logs from HCP.
Lastly, data is collected from customers that use HCP, such as IP addresses, name/email, and credit-card number.
The tables below show what data is collected —and why — in the HCP control plane and data plane:
HCP control plane
| Description | What is collected | Why it's collected | |
|---|---|---|---|
| Users | From customer's use of the HCP portal or public APIs: Individuals or service accounts who establish an account with us, or otherwise use our Websites, products, and/or services | - Name - GitHub username (only if GitHub authentication is used to log into HCP) - Credit-card number, billing address | - To access our products and websites, products, and/or services - Billing - Identity verification - 2-factor authentication |
| User organization networking | Networking and Cloud provider/datacenter details needed to establish encrypted connections | - Networking service identifiers related to the user organization's cloud provider - Cloud-provider account ID for user organization - User organization's cloud provider network subnets and routes | To establish an encrypted network connection from HCP to the user organization's cloud provider |
| Audit logs | Audit logs for HCP | Audit log messages for user and service-principal activity on the platform | - Compliance, security, and audit purposes. - Product support |
| Product telemetry | Data gathered on the performance and use of the service and service components | Measurements on: - API Performance times - Application error information - User feature-usage statistics and API calls - User agent information - IP Addresses - Page views and other clickstream data | - Adherence to service level objectives (SLOs) and service level agreements (SLAs) - Compliance, security, and audit purposes. - Product support - Product performance |
HCP data plan
| Description | What is collected | Why it's collected | |
|---|---|---|---|
| Service logs | Logs derived from HCP managed services | Log messages | - Adherence to service level objectives (SLOs) and service level agreements (SLAs) - Compliance, security, and audit purposes - Product support |
| Snapshots | Data snapshots/backups derived from HCP managed services | Data snapshots | - Compliance, security, and audit purposes. - Backup and recovery |
| Product telemetry | Data gathered on the performance and use of the service and service components | Measurements on: - API Performance times - Application error information - User feature-usage statistics and API calls | - Adherence to service level objectives (SLOs) and service level agreements (SLAs) - Compliance, security, and audit purposes. - Product support - Product performance |