Security and Compliance
Dremio offers extensive security measures to help protect the integrity of your data, including access control and the ability to use external identity providers (IdPs). Dremio provides flexible native security features and integration with a wide range of third-party tools so that your organization can adhere to compliance and regulatory standards, enforce fine-grained permissions for your users, and retain your existing tools for authentication and authorization.
Authentication and Identity Management
Dremio supports industry-standard authentication and single sign-on (SSO) services, including OAuth 2.0/OpenID Connect. Organizations can configure integrated authentication (Active Directory or OpenID Connect) to centrally manage user accounts with strong password policies and SSO/multi-factor authentication (MFA).
Access Control
Dremio provides a comprehensive hierarchical privilege system for fine-grained access control across your organization.
- Privileges – Complete privilege system with hierarchical inheritance from organization to individual objects.
- Role-Based Access Control (RBAC) – Manage access through roles rather than individual user grants for easier administration.
- Hierarchical Inheritance – Privileges granted at higher levels (Organization → Projects → Sources → Folders → Tables) automatically apply to nested objects.
- Object Ownership – Automatic ownership assignment when creating objects, with transferable ownership capabilities.
- Open Catalog Security – Structured access control for managed catalog systems.
Data Protection
- Encryption in Transit – Your content is transmitted using TLS 1.2 or higher between the client and the control plane, and between the control plane and the data plane.
- Encryption at Rest – Your data is encrypted at rest within the control plane using AES-256 or higher.
- Customer-Managed Encryption – Deploy and manage your own encryption keys for enhanced security.
Compliance and Certifications
- Compliance – Review current compliance measures and audits Dremio has completed.
Current Certifications:
- ISO 27001 – Information security management systems.
- SOC 2 Type II – Security, availability, and confidentiality controls.
- HIPAA – Healthcare data protection compliance.
Privacy Regulations:
- GDPR – General Data Protection Regulation compliance.
- CCPA – California Consumer Privacy Act compliance.