Volumes

Data Security

As part of DigitalOcean’s shared responsibility model, you are responsible for securing data stored on DigitalOcean’s Volumes Storage service. To ensure data can only be accessed by the proper users and applications, we encourage you to secure and encrypt all data stored on Volumes to the appropriate level of your security requirements.

For data security purposes, we recommend that you protect your DigitalOcean account credentials and set up individual user accounts with DigitalOcean Teams and secure with two-factor authentication.

Encryption at Rest

Data on Volumes is encrypted at rest, which reduces the risk of a data breach via malicious hardware access. If you are concerned about the privacy of the data stored on Volumes, and would not want this data accessible in the event of a data breach (e.g. Droplet SSH key is stolen), then you can create a file system in a LUKS encrypted disk on your Volume. This means that the disk will need to be decrypted by the operating system on your Droplet in order to read any data. For more information, please review our guide: How to Create an Encrypted File System on a DIgitalOcean Block Storage Volume.

Logging and Monitoring

Currently, we do not offer logging and monitoring services for Volumes. If you require additional logging and monitoring, please identify your requirements and consider third-party services like Papertrail, Logtail, or Datadog.

Compliance

Volumes are audited by third-parties as part of DigitalOcean’s SOC 2 Type 2 report. For details on how to request, please visit our Trust Platform Certifications page.

Infrastructure Security

As an infrastructure as a service offering, DigitalOcean maintains the security of the infrastructure the Droplets are hosted on. For more details, please review our Infrastructure Security Overview page.

Data Center Location Availability

Volumes include a 99.99% uptime SLA as outlined in our Volumes Block Storage Service Level Agreement (SLA).