Security and Compliance Enterprise

Dremio offers extensive security measures to help protect the integrity of your data, such as access control and federation with external identity providers. Dremio provides flexible native security features and integration with a wide range of third-party tools so that your organization can adhere to compliance and regulatory standards, enforce fine-grained permissions for your users, and retain your existing tools for authentication and authorization.

• Authentication – Manage user identities, authentication, and enterprise identity providers such as OIDC and LDAP.

• Access Control – Grant fine-grained permissions at the user or role level using native Dremio features or an integrated external data security product.

• Integrations – Manage access control and data governance through third-party integrations, including Lake Formation, Privacera, and Apache Ranger.

• Secrets Management – Use a secrets management service to provide sensitive information like passwords and secret access keys instead of providing it in plaintext.

• Audit Logging – Track platform activity for security monitoring and compliance requirements.

• Idle Session Timeout – Configure automatic logout after a period of inactivity.

• Compliance – Review the current compliance measures and audits Dremio has undergone to ensure top-level security for your data.

As the Dremio Shared Responsibility Models outline, platform security is a shared responsibility between Dremio and you. The Shared Responsibility Models lay out Dremio's responsibilities for providing vulnerability management and application security and your responsibilities for deployment and operations.