summaryrefslogtreecommitdiffstats
path: root/docs/netdata-security.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/netdata-security.md')
-rw-r--r--docs/netdata-security.md499
1 files changed, 366 insertions, 133 deletions
diff --git a/docs/netdata-security.md b/docs/netdata-security.md
index 6cd33c061..2716e08e2 100644
--- a/docs/netdata-security.md
+++ b/docs/netdata-security.md
@@ -1,196 +1,429 @@
# Security and privacy design
-This document serves as the relevant Annex to the [Terms of Service](https://www.netdata.cloud/service-terms/), the [Privacy Policy](https://www.netdata.cloud/privacy/) and
-the Data Processing Addendum, when applicable. It provides more information regarding Netdata’s technical and organizational security and privacy measures.
+This document serves as the relevant Annex to the [Terms of Service](https://www.netdata.cloud/service-terms/),
+the [Privacy Policy](https://www.netdata.cloud/privacy/) and
+the Data Processing Addendum, when applicable. It provides more information regarding Netdata’s technical and
+organizational security and privacy measures.
-We have given special attention to all aspects of Netdata, ensuring that everything throughout its operation is as secure as possible. Netdata has been designed with security in mind.
+We have given special attention to all aspects of Netdata, ensuring that everything throughout its operation is as
+secure as possible. Netdata has been designed with security in mind.
-> When running Netdata in environments requiring Payment Card Industry Data Security Standard (**PCI DSS**), Systems and Organization Controls (**SOC 2**),
-or Health Insurance Portability and Accountability Act (**HIPAA**) compliance, please keep in mind that
-**even when the user uses Netdata Cloud, all collected data is always stored inside their infrastructure**.
+## Netdata's Security Principles
-Dashboard data a user views and alert notifications do travel
-over Netdata Cloud, as they also travel over third party networks, to reach the user's web browser or the notification integrations the user has configured,
-but Netdata Cloud does not store metric data. It only transforms them as they pass through it, aggregating them from multiple Agents and Parents,
-to appear as one data source on the user's browser.
+### Security by Design
-## Cloud design
+Netdata, an open-source software widely installed across the globe, prioritizes security by design, showcasing our
+commitment to safeguarding user data. The entire structure and internal architecture of the software is built to ensure
+maximum security. We aim to provide a secure environment from the ground up, rather than as an afterthought.
-### User identification and authorization
+### Compliance with Open Source Security Foundation Best Practices
-Netdata ensures that only an email address is stored to create an account and use the Service.
-User identification and authorization is done
-either via third parties (Google, GitHub accounts), or short-lived access tokens, sent to the user’s email account.
+Netdata is committed to adhering to the best practices laid out by the Open Source Security Foundation (OSSF).
+Currently, the Netdata Agent follows the OSSF best practices at the passing level. Feel free to audit our approach to
+the [OSSF guidelines](https://bestpractices.coreinfrastructure.org/en/projects/2231)
-### Personal Data stored
+Netdata Cloud boasts of comprehensive end-to-end automated testing, encompassing the UI, back-end, and agents, where
+involved. In addition, the Netdata Agent uses an array of third-party services for static code analysis, static code
+security analysis, and CI/CD integrations to ensure code quality on a per pull request basis. Tools like Github's
+CodeQL, Github's Dependabot, our own unit tests, various types of linters,
+and [Coverity](https://scan.coverity.com/projects/netdata-netdata?tab=overview) are utilized to this end.
-Netdata ensures that only an email address is stored to create an account and use the Service. The same email
-address is used for Netdata product and marketing communications (via Hubspot and Sendgrid).
+Moreover, each PR requires two code reviews from our senior engineers before being merged. We also maintain two
+high-performance environments (a production-like kubernetes cluster and a highly demanding stress lab) for
+stress-testing our entire solution. This robust pipeline ensures the delivery of high-quality software consistently.
-Email addresses are stored in our production database on AWS and copied to Google BigQuery, our data lake,
-for analytics purposes. These analytics are crucial for our product development process.
+### Regular Third-Party Testing and Isolation
-If the user accepts the use of analytical cookies, the email address is also stored in the systems we use to track the
-usage of the application (Posthog and Gainsight PX)
+While Netdata doesn't have a dedicated internal security team, the open-source Netdata Agent undergoes regular testing
+by third parties. Any security reports received are addressed immediately. In contrast, Netdata Cloud operates in a
+fully automated and isolated environment with Infrastructure as Code (IaC), ensuring no direct access to production
+applications. Monitoring and reporting is also fully automated.
-The IP address used to access Netdata Cloud is stored in web proxy access logs. If the user accepts the use of analytical
-cookies, the IP is also stored in the systems we use to track the usage of the application (Posthog and Gainsight PX).
+### Security Vulnerability Response
-### Infrastructure data stored
+Netdata has a transparent and structured process for handling security vulnerabilities. We appreciate and value the
+contributions of security researchers and users who report vulnerabilities to us. All reports are thoroughly
+investigated, and any identified vulnerabilities trigger a Security Release Process.
-The metric data that a user sees in the web browser when using Netdata Cloud is streamed directly from the Netdata Agent
-to the Netdata Cloud dashboard, via the Agent-Cloud link (see [data transfer](#data-transfer)). The data passes through our systems, but it isn’t stored.
+We aim to fully disclose any bugs as soon as a user mitigation is available, typically within a week of the report. In
+case of security fixes, we promptly release a new version of the software. Users can subscribe to our releases on GitHub
+to stay updated about all security incidents. More details about our vulnerability response process can be
+found [here](https://github.com/netdata/netdata/security/policy).
-The metadata we do store for each node connected to the user's Spaces in Netdata Cloud is:
- - Hostname (as it appears in Netdata Cloud)
- - Information shown in `/api/v1/info`. For example: [https://frankfurt.my-netdata.io/api/v1/info](https://frankfurt.my-netdata.io/api/v1/info).
- - Metric metadata information shown in `/api/v1/contexts`. For example: [https://frankfurt.my-netdata.io/api/v1/contexts](https://frankfurt.my-netdata.io/api/v1/contexts).
- - Alarm configurations shown in `/api/v1/alarms?all`. For example: [https://frankfurt.my-netdata.io/api/v1/alarms?all](https://frankfurt.my-netdata.io/api/v1/alarms?all).
- - Active alarms shown in `/api/v1/alarms`. For example: [https://frankfurt.my-netdata.io/api/v1/alarms](https://frankfurt.my-netdata.io/api/v1/alarms).
+### Adherence to Open Source Security Foundation Best Practices
-The infrastructure data is stored in our production database on AWS and copied to Google BigQuery, our data lake, for
- analytics purposes.
+In line with our commitment to security, we uphold the best practices as outlined by the Open Source Security
+Foundation. This commitment reflects in every aspect of our operations, from the design phase to the release process,
+ensuring the delivery of a secure and reliable product to our users. For more information
+check [here](https://bestpractices.coreinfrastructure.org/en/projects/2231).
-### Data transfer
+## Netdata Agent Security
-All infrastructure data visible on Netdata Cloud has to pass through the Agent-Cloud link (ACLK) mechanism, which
-securely connects a Netdata Agent to Netdata Cloud. The Netdata agent initiates and establishes an outgoing secure
-WebSocket (WSS) connection to Netdata Cloud. The ACLK is encrypted, safe, and is only established if the user connects their node.
+### Security by Design
-Data is encrypted when in transit between a user and Netdata Cloud using TLS.
+Netdata Agent is designed with a security-first approach. Its structure ensures data safety by only exposing chart
+metadata and metric values, not the raw data collected. This design principle allows Netdata to be used in environments
+requiring the highest level of data isolation, such as PCI Level 1. Even though Netdata plugins connect to a user's
+database server or read application log files to collect raw data, only the processed metrics are stored in Netdata
+databases, sent to upstream Netdata servers, or archived to external time-series databases.
-### Data retention
+### User Data Protection
-Netdata may maintain backups of Netdata Cloud Customer Content, which would remain in place for approximately ninety
-(90) days following a deletion in Netdata Cloud.
+The Netdata Agent is programmed to safeguard user data. When collecting data, the raw data does not leave the host. All
+plugins, even those running with escalated capabilities or privileges, perform a hard-coded data collection job. They do
+not accept commands from Netdata, and the original application data collected do not leave the process they are
+collected in, are not saved, and are not transferred to the Netdata daemon. For the “Functions” feature, the data
+collection plugins offer Functions, and the user interface merely calls them back as defined by the data collector. The
+Netdata Agent main process does not require any escalated capabilities or privileges from the operating system, and
+neither do most of the data collecting plugins.
-### Data portability and erasure
+### Communication and Data Encryption
-Netdata will, as necessary to enable the Customer to meet its obligations under Data Protection Law, provide the Customer
-via the availability of Netdata Cloud with the ability to access, retrieve, correct and delete the Personal Data stored in
-Netdata Cloud. The Customer acknowledges that such ability may from time to time be limited due to temporary service outages
-for maintenance or other updates to Netdata Cloud, or technically not feasible.
+Data collection plugins communicate with the main Netdata process via ephemeral, in-memory, pipes that are inaccessible
+to any other process.
-To the extent that the Customer, in its fulfillment of its Data Protection Law obligations, is unable to access, retrieve,
-correct or delete Customer Personal Data in Netdata Cloud due to prolonged unavailability of Netdata Cloud due to an issue
-within Netdata’s control, Netdata will where possible use reasonable efforts to provide, correct or delete such Customer Personal Data.
+Streaming of metrics between Netdata agents requires an API key and can also be encrypted with TLS if the user
+configures it.
-If a Customer is unable to delete Personal Data via the self-services functionality, then Netdata deletes Personal Data upon
-the Customer’s written request, within the timeframe specified in the DPA and in accordance with applicable data protection law.
+The Netdata agent's web API can also use TLS if configured.
-#### Delete all personal data
+When Netdata agents are claimed to Netdata Cloud, the communication happens via MQTT over Web Sockets over TLS, and
+public/private keys are used for authorizing access. These keys are exchanged during the claiming process (usually
+during the provisioning of each agent).
-To remove all personal info we have about a user (email and activities) they need to delete their cloud account by logging into https://app.netdata.cloud and accessing their profile, at the bottom left of the screen.
+### Authentication
+Direct user access to the agent is not authenticated, considering that users should either use Netdata Cloud, or they
+are already on the same LAN, or they have configured proper firewall policies. However, Netdata agents can be hidden
+behind an authenticating web proxy if required.
-## Agent design
+For other Netdata agents streaming metrics to an agent, authentication via API keys is required and TLS can be used if
+configured.
-### User data is safe with Netdata
+For Netdata Cloud accessing Netdata agents, public/private key cryptography is used and TLS is mandatory.
-Netdata collects raw data from many sources. For each source, Netdata uses a plugin that connects to the source (or reads the
-relative files produced by the source), receives raw data and processes them to calculate the metrics shown on Netdata dashboards.
+### Security Vulnerability Response
-Even if Netdata plugins connect to the user's database server, or read user's application log file to collect raw data, the product of
-this data collection process is always a number of **chart metadata and metric values** (summarized data for dashboard visualization).
-All Netdata plugins (internal to the Netdata daemon, and external ones written in any computer language), convert raw data collected
-into metrics, and only these metrics are stored in Netdata databases, sent to upstream Netdata servers, or archived to external
-time-series databases.
+If a security vulnerability is found in the Netdata Agent, the Netdata team acknowledges and analyzes each report within
+three working days, kicking off a Security Release Process. Any vulnerability information shared with the Netdata team
+stays within the Netdata project and is not disseminated to other projects unless necessary for fixing the issue. The
+reporter is kept updated as the security issue moves from triage to identified fix, to release planning. More
+information can be found [here](https://github.com/netdata/netdata/security/policy).
-The **raw data** collected by Netdata does not leave the host when collected. **The only data Netdata exposes are chart metadata and metric values.**
+### Protection Against Common Security Threats
-This means that Netdata can safely be used in environments that require the highest level of data isolation (like PCI Level 1).
+The Netdata agent is resilient against common security threats such as DDoS attacks and SQL injections. For DDoS,
+Netdata agent uses a fixed number of threads for processing requests, providing a cap on the resources that can be
+consumed. It also automatically manages its memory to prevent overutilization. SQL injections are prevented as nothing
+from the UI is passed back to the data collection plugins accessing databases.
-### User systems are safe with Netdata
+Additionally, the Netdata agent is running as a normal, unprivileged, operating system user (a few data collections
+require escalated privileges, but these privileges are isolated to just them), every netdata process runs by default
+with a nice priority to protect production applications in case the system is starving for CPU resources, and Netdata
+agents are configured by default to be the first processes to be killed by the operating system in case the operating
+system starves for memory resources (OS-OOM - Operating System Out Of Memory events).
-We are very proud that **the Netdata daemon runs as a normal system user, without any special privileges**. This is quite an
-achievement for a monitoring system that collects all kinds of system and application metrics.
+### User Customizable Security Settings
-There are a few cases, however, that raw source data are only exposed to processes with escalated privileges. To support these
-cases, Netdata attempts to minimize and completely isolate the code that runs with escalated privileges.
+Netdata provides users with the flexibility to customize agent security settings. Users can configure TLS across the
+system, and the agent provides extensive access control lists on all its interfaces to limit access to its endpoints
+based on IP. Additionally, users can configure the CPU and Memory priority of Netdata agents.
-So, Netdata **plugins**, even those running with escalated capabilities or privileges, perform a **hard coded data collection job**.
-They do not accept commands from Netdata. The communication is **unidirectional** from the plugin towards the Netdata daemon, except
-for Functions (see below). The original application data collected by each plugin do not leave the process they are collected, are
-not saved and are not transferred to the Netdata daemon. The communication from the plugins to the Netdata daemon includes only chart
-metadata and processed metric values.
+## Netdata Cloud Security
-Child nodes use the same protocol when streaming metrics to their parent nodes. The raw data collected by the plugins of
-child Netdata servers are **never leaving the host they are collected**. The only data appearing on the wire are chart
-metadata and metric values. This communication is also **unidirectional**: child nodes never accept commands from
-parent Netdata servers (except for Functions).
+Netdata Cloud is designed with a security-first approach to ensure the highest level of protection for user data. When
+using Netdata Cloud in environments that require compliance with standards like PCI DSS, SOC 2, or HIPAA, users can be
+confident that all collected data is stored within their infrastructure. Data viewed on dashboards and alert
+notifications travel over Netdata Cloud, but are not stored—instead, they're transformed in transit, aggregated from
+multiple agents and parents (centralization points), to appear as one data source in the user's browser.
-[Functions](https://github.com/netdata/netdata/blob/master/docs/cloud/netdata-functions.md) is currently
-the only feature that routes requests back to origin Netdata Agents via Netdata Parents. The feature allows Netdata Cloud to send
-a request to the Netdata Agent data collection plugin running at the
-edge, to provide additional information, such as the process tree of a server, or the long queries of a DB.
+### User Identification and Authorization
-<!-- The user has full control over the available functions. For more information see “Controlling Access to Functions” and “Disabling Functions”. -->
+Netdata Cloud requires only an email address to create an account and use the service. User identification and
+authorization are conducted either via third-party integrations (Google, GitHub accounts) or through short-lived access
+tokens sent to the user’s email account. Email addresses are stored securely in our production database on AWS and are
+also used for product and marketing communications. Netdata Cloud does not store user credentials.
-### Netdata is read-only
+### Data Storage and Transfer
-Netdata **dashboards are read-only**. Dashboard users can view and examine metrics collected by Netdata, but cannot
-instruct Netdata to do something other than present the already collected metrics.
+Although Netdata Cloud does not store metric data, it does keep some metadata for each node connected to user spaces.
+This metadata includes the hostname, information from the `/api/v1/info` endpoint, metric metadata
+from `/api/v1/contexts`, and alerts configurations from `/api/v1/alarms`. This data is securely stored in our production
+database on AWS and copied to Google BigQuery for analytics purposes.
-Netdata dashboards do not expose sensitive information. Business data of any kind, the kernel version, O/S version,
-application versions, host IPs, etc. are not stored and are not exposed by Netdata on its dashboards.
+All data visible on Netdata Cloud is transferred through the Agent-Cloud link (ACLK) mechanism, which securely connects
+a Netdata Agent to Netdata Cloud. The ACLK is encrypted and safe, and is only established if the user connects/claims
+their node. Data in transit between a user and Netdata Cloud is encrypted using TLS.
-### Protect Netdata from the internet
+### Data Retention and Erasure
-Users are responsible to take all appropriate measures to secure their Netdata agent installations and especially the Netdata web user interface and API against unauthorized access. Netdata comes with a wide range of options to
-[secure user nodes](https://github.com/netdata/netdata/blob/master/docs/category-overview-pages/secure-nodes.md) in
-compliance with the user organization's security policy.
+Netdata Cloud maintains backups of customer content for approximately 90 days following a deletion. Users have the
+ability to access, retrieve, correct, and delete personal data stored in Netdata Cloud. In case a user is unable to
+delete personal data via self-services functionality, Netdata will delete personal data upon the customer's written
+request, in accordance with applicable data protection law.
-### Anonymous statistics
+### Infrastructure and Authentication
-#### Netdata registry
+Netdata Cloud operates on an Infrastructure as Code (IaC) model. Its microservices environment is completely isolated,
+and all changes occur through Terraform. At the edge of Netdata Cloud, there is a TLS termination and an Identity and
+Access Management (IAM) service that validates JWT tokens included in request cookies.
-The default configuration uses a public [registry](https://github.com/netdata/netdata/blob/master/registry/README.md) under registry.my-netdata.io.
-If the user uses that public registry, they submit the following information to a third party server:
- - The URL of the agent's web user interface (via http request referrer)
- - The hostnames of the user's Netdata servers
+Netdata Cloud does not store user credentials.
-If sending this information to the central Netdata registry violates user's security policies, they can configure Netdata to
-[run their own registry](https://github.com/netdata/netdata/blob/master/registry/README.md#run-your-own-registry).
+### Security Features and Response
-#### Anonymous telemetry events
+Netdata Cloud offers a variety of security features, including infrastructure-level dashboards, centralized alerts
+notifications, auditing logs, and role-based access to different segments of the infrastructure. The cloud service
+employs several protection mechanisms against DDoS attacks, such as rate-limiting and automated blacklisting. It also
+uses static code analysers to prevent other types of attacks.
-Starting with v1.30, Netdata collects anonymous usage information by default and sends it to a self hosted PostHog instance within the Netdata infrastructure. Read
-about the information collected and learn how to opt-out, on our
-[anonymous telemetry events](https://github.com/netdata/netdata/blob/master/docs/anonymous-statistics.md) page.
+In the event of potential security vulnerabilities or incidents, Netdata Cloud follows the same process as the Netdata
+agent. Every report is acknowledged and analyzed by the Netdata team within three working days, and the team keeps the
+reporter updated throughout the process.
-### Netdata directories
+### User Customization
-The agent stores data in 6 different directories on the user's system.
-
-| path|owner|permissions|Netdata|comments|
-|:---|:----|:----------|:------|:-------|
-| `/etc/netdata`|user `root`<br/>group `netdata`|dirs `0755`<br/>files `0640`|reads|**Netdata config files**<br/>may contain sensitive information, so group `netdata` is allowed to read them.|
-| `/usr/libexec/netdata`|user `root`<br/>group `root`|executable by anyone<br/>dirs `0755`<br/>files `0644` or `0755`|executes|**Netdata plugins**<br/>permissions depend on the file - not all of them should have the executable flag.<br/>there are a few plugins that run with escalated privileges (Linux capabilities or `setuid`) - these plugins should be executable only by group `netdata`.|
-| `/usr/share/netdata`|user `root`<br/>group `netdata`|readable by anyone<br/>dirs `0755`<br/>files `0644`|reads and sends over the network|**Netdata web static files**<br/>these files are sent over the network to anyone that has access to the Netdata web server. Netdata checks the ownership of these files (using settings at the `[web]` section of `netdata.conf`) and refuses to serve them if they are not properly owned. Symbolic links are not supported. Netdata also refuses to serve URLs with `..` in their name.|
-| `/var/cache/netdata`|user `netdata`<br/>group `netdata`|dirs `0750`<br/>files `0660`|reads, writes, creates, deletes|**Netdata ephemeral database files**<br/>Netdata stores its ephemeral real-time database here.|
-| `/var/lib/netdata`|user `netdata`<br/>group `netdata`|dirs `0750`<br/>files `0660`|reads, writes, creates, deletes|**Netdata permanent database files**<br/>Netdata stores here the registry data, health alarm log db, etc.|
-| `/var/log/netdata`|user `netdata`<br/>group `root`|dirs `0755`<br/>files `0644`|writes, creates|**Netdata log files**<br/>all the Netdata applications, logs their errors or other informational messages to files in this directory. These files should be log rotated.|
+Netdata Cloud uses the highest level of security. There is no user customization available out of the box. Its security
+settings are designed to provide maximum protection for all users. We are offering customization (like custom SSO
+integrations, custom data retention policies, advanced user access controls, tailored audit logs, integration with other
+security tools, etc.) on a per contract basis.
-## Organization processes
+### Deleting Personal Data
-### Employee identification and authorization
+Users who wish to remove all personal data (including email and activities) can delete their cloud account by logging
+into Netdata Cloud and accessing their profile.
-Netdata operates technical and organizational measures for employee identification and authentication, such as logs, policies,
-assigning distinct usernames for each employee and utilizing password complexity requirements for access to all platforms.
+## User Privacy and Data Protection
-The COO or HR are the primary system owners for all platforms and may designate additional system owners, as needed. Additional
-user access is also established on a role basis, requires the system owner’s approval, and is tracked by HR. User access to each
-platform is subject to periodic review and testing. When an employee changes roles, HR updates the employee’s access to all systems.
-Netdata uses on-boarding and off-boarding processes to regulate access by Netdata Personnel.
+Netdata Cloud is built with an unwavering commitment to user privacy and data protection. We understand that our users'
+data is both sensitive and valuable, and we have implemented stringent measures to ensure its safety.
-Second-layer authentication is employed where available, by way of multi-factor authentication.
+### Data Collection
-Netdata’s IT control environment is based upon industry-accepted concepts, such as multiple layers of preventive and detective
-controls, working in concert to provide for the overall protection of Netdata’s computing environment and data assets.
+Netdata Cloud collects minimal personal information from its users. The only personal data required to create an account
+and use the service is an email address. This email address is used for product and marketing communications.
+Additionally, the IP address used to access Netdata Cloud is stored in web proxy access logs.
-### Systems security
+### Data Usage
+
+The collected email addresses are stored in our production database on Amazon Web Services (AWS) and copied to Google
+BigQuery, our data lake, for analytics purposes. These analytics are crucial for our product development process. If a
+user accepts the use of analytical cookies, their email address and IP are stored in the systems we use to track
+application usage (Google Analytics, Posthog, and Gainsight PX). Subscriptions and Payments data are handled by Stripe.
+
+### Data Sharing
+
+Netdata Cloud does not share any personal data with third parties, ensuring the privacy of our users' data, but Netdata
+Cloud does use third parties for its services, including, but not limited to, Google Cloud and Amazon Web Services for
+its infrastructure, Stripe for payment processing, Google Analytics, Posthog and Gainsight PX for analytics.
+
+### Data Protection
+
+We use state-of-the-art security measures to protect user data from unauthorized access, use, or disclosure. All
+infrastructure data visible on Netdata Cloud passes through the Agent-Cloud Link (ACLK) mechanism, which securely
+connects a Netdata Agent to Netdata Cloud. The ACLK is encrypted, safe, and is only established if the user connects
+their node. All data in transit between a user and Netdata Cloud is encrypted using TLS.
+
+### User Control over Data
+
+Netdata provides its users with the ability to access, retrieve, correct, and delete their personal data stored in
+Netdata Cloud. This ability may occasionally be limited due to temporary service outages for maintenance or other
+updates to Netdata Cloud, or when it is technically not feasible. If a customer is unable to delete personal data via
+the self-services functionality, Netdata deletes the data upon the customer's written request, within the timeframe
+specified in the Data Protection Agreement (DPA), and in accordance with applicable data protection laws.
+
+### Compliance with Data Protection Laws
+
+Netdata Cloud is fully compliant with data protection laws like the General Data Protection Regulation (GDPR) and the
+California Consumer Privacy Act (CCPA).
+
+### Data Transfer
+
+Data transfer within Netdata Cloud is secure and respects the privacy of the user data. The Netdata Agent establishes an
+outgoing secure WebSocket (WSS) connection to Netdata Cloud, ensuring that the data is encrypted when in transit.
+
+### Use of Tracking Technologies
+
+Netdata Cloud uses analytical cookies if a user consents to their use. These cookies are used to track the usage of the
+application and are stored in systems like Google Analytics, Posthog and Gainsight PX.
+
+### Data Breach Notification Process
+
+In the event of a data breach, Netdata has a well-defined process in place for notifying users. The details of this
+process align with the standard procedures and timelines defined in the Data Protection Agreement (DPA).
+
+We continually review and update our privacy and data protection practices to ensure the highest level of data safety
+and privacy for our users.
+
+## Compliance with Regulations
+
+Netdata is committed to ensuring the security, privacy, and integrity of user data. It complies with both the General
+Data Protection Regulation (GDPR), a regulation in EU law on data protection and privacy, and the California Consumer
+Privacy Act (CCPA), a state statute intended to enhance privacy rights and consumer protection for residents of
+California.
+
+### Compliance with GDPR and CCPA
+
+Compliance with GDPR and CCPA are self-assessment processes, and Netdata has undertaken thorough internal audits and
+controls to ensure it meets all requirements.
+
+As per request basis, any customer may enter with Netdata into a data processing addendum (DPA) governing customer’s
+ability to load and permit Netdata to process any personal data or information regulated under applicable data
+protection laws, including the GDPR and CCPA.
+
+### Data Transfers
+
+While Netdata Agent itself does not engage in any cross-border data transfers, certain personal and infrastructure data
+is transferred to Netdata Cloud for the purpose of providing its services. The metric data collected and processed by
+Netdata Agents, however, stays strictly within the user's infrastructure, eliminating any concerns about cross-border
+data transfer issues.
+
+When users utilize Netdata Cloud, the metric data is streamed directly from the Netdata Agent to the users’ web browsers
+via Netdata Cloud, without being stored on Netdata Cloud's servers. However, user identification data (such as email
+addresses) and infrastructure metadata necessary for Netdata Cloud's operation are stored in data centers in the United
+States, using compliant infrastructure providers such as Google Cloud and Amazon Web Services. These transfers and
+storage are carried out in full compliance with applicable data protection laws, including GDPR and CCPA.
+
+### Privacy Rights
+
+Netdata ensures user privacy rights as mandated by the GDPR and CCPA. This includes the right to access, correct, and
+delete personal data. These functions are all available online via the Netdata Cloud User Interface (UI). In case a user
+wants to remove all personal information (email and activities), they can delete their cloud account by logging
+into https://app.netdata.cloud and accessing their profile, at the bottom left of the screen.
+
+### Regular Review and Updates
+
+Netdata is dedicated to keeping its practices up-to-date with the latest developments in data protection regulations.
+Therefore, as soon as updates or changes are made to these regulations, Netdata reviews and updates its policies and
+practices accordingly to ensure continual compliance.
+
+While Netdata is confident in its compliance with GDPR and CCPA, users are encouraged to review Netdata's privacy policy
+and reach out with any questions or concerns they may have about data protection and privacy.
+
+## Anonymous Statistics
+
+The anonymous statistics collected by the Netdata Agent are related to the installations and not to individual users.
+This data includes community size, types of plugins used, possible crashes, operating systems installed, and the use of
+the registry feature. No IP addresses are collected, but each Netdata installation has a unique ID.
+
+Netdata also collects anonymous telemetry events, which provide information on the usage of various features, errors,
+and performance metrics. This data is used to understand how the software is being used and to identify areas for
+improvement.
+
+The purpose of collecting these statistics and telemetry data is to guide the development of the open-source agent,
+focusing on areas that are most beneficial to users.
+
+Users have the option to opt out of this data collection during the installation of the agent, or at any time by
+removing a specific file from their system.
+
+Netdata retains this data indefinitely in order to track changes and trends within the community over time.
+
+Netdata does not share these anonymous statistics or telemetry data with any third parties.
+
+By collecting this data, Netdata is able to continuously improve their service and identify any issues or areas for
+improvement, while respecting user privacy and maintaining transparency.
+
+## Internal Security Measures
+
+Internal Security Measures at Netdata are designed with an emphasis on data privacy and protection. The measures
+include:
+
+1. **Infrastructure as Code (IaC)** :
+ Netdata Cloud follows the IaC model, which means it is a microservices environment that is completely isolated. All
+ changes are managed through Terraform, an open-source IaC software tool that provides a consistent CLI workflow for
+ managing cloud services.
+2. **TLS Termination and IAM Service** :
+ At the edge of Netdata Cloud, there is a TLS termination, which provides the decryption point for incoming TLS
+ connections. Additionally, an Identity Access Management (IAM) service validates JWT tokens included in request
+ cookies or denies access to them.
+3. **Session Identification** :
+ Once inside the microservices environment, all requests are associated with session IDs that identify the user making
+ the request. This approach provides additional layers of security and traceability.
+4. **Data Storage** :
+ Data is stored in various NoSQL and SQL databases and message brokers. The entire environment is fully isolated,
+ providing a secure space for data management.
+5. **Authentication** :
+ Netdata Cloud does not store credentials. It offers three types of authentication: GitHub Single Sign-On (SSO),
+ Google SSO, and email validation.
+6. **DDoS Protection** :
+ Netdata Cloud has multiple protection mechanisms against Distributed Denial of Service (DDoS) attacks, including
+ rate-limiting and automated blacklisting.
+7. **Security-Focused Development Process** :
+ To ensure a secure environment, Netdata employs a security-focused development process. This includes the use of
+ static code analysers to identify potential security vulnerabilities in the codebase.
+8. **High Security Standards** :
+ Netdata Cloud maintains high security standards and can provide additional customization on a per contract basis.
+9. **Employee Security Practices** :
+ Netdata ensures its employees follow security best practices, including role-based access, periodic access review,
+ and multi-factor authentication. This helps to minimize the risk of unauthorized access to sensitive data.
+10. **Experienced Developers** :
+ Netdata hires senior developers with vast experience in security-related matters. It enforces two code reviews for
+ every Pull Request (PR), ensuring that any potential issues are identified and addressed promptly.
+11. **DevOps Methodologies** :
+ Netdata's DevOps methodologies use the highest standards in access control in all places, utilizing the best
+ practices available.
+12. **Risk-Based Security Program** :
+ Netdata has a risk-based security program that continually assesses and mitigates risks associated with data
+ security. This program helps maintain a secure environment for user data.
+
+These security measures ensure that Netdata Cloud is a secure environment for users to monitor and troubleshoot their
+systems. The company remains committed to continuously improving its security practices to safeguard user data
+effectively.
+
+## PCI DSS
+
+PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all
+companies that accept, process, store or transmit credit card information maintain a secure environment.
+
+Netdata is committed to providing secure and privacy-respecting services, and it aligns its practices with many of the
+key principles of the PCI DSS. However, it's important to clarify that Netdata is not officially certified as PCI
+DSS-compliant. While Netdata follows practices that align with PCI DSS's key principles, the company itself has not
+undergone the formal certification process for PCI DSS compliance.
+
+PCI DSS compliance is not just about the technical controls but also involves a range of administrative and procedural
+safeguards that go beyond the scope of Netdata's services. These include, among other things, maintaining a secure
+network, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an
+information security policy.
+
+Therefore, while Netdata can support entities with their data security needs in relation to PCI DSS, it is ultimately
+the responsibility of the entity to ensure full PCI DSS compliance across all of their operations. Entities should
+always consult with a legal expert or a PCI DSS compliance consultant to ensure that their use of any product, including
+Netdata, aligns with PCI DSS regulations.
+
+## HIPAA
+
+HIPAA stands for the Health Insurance Portability and Accountability Act, which is a United States federal law enacted
+in 1996. HIPAA is primarily focused on protecting the privacy and security of individuals' health information.
+
+Netdata is committed to providing secure and privacy-respecting services, and it aligns its practices with many key
+principles of HIPAA. However, it's important to clarify that Netdata is not officially certified as HIPAA-compliant.
+While Netdata follows practices that align with HIPAA's key principles, the company itself has not undergone the formal
+certification process for HIPAA compliance.
+
+HIPAA compliance is not just about technical controls but also involves a range of administrative and procedural
+safeguards that go beyond the scope of Netdata's services. These include, among other things, employee training,
+physical security, and contingency planning.
+
+Therefore, while Netdata can support HIPAA-regulated entities with their data security needs and is prepared to sign a
+Business Associate Agreement (BAA), it is ultimately the responsibility of the healthcare entity to ensure full HIPAA
+compliance across all of their operations. Entities should always consult with a legal expert or a HIPAA compliance
+consultant to ensure that their use of any product, including Netdata, aligns with HIPAA regulations.
+
+## Conclusion
+
+In conclusion, Netdata Cloud's commitment to data security and user privacy is paramount. From the careful design of the
+infrastructure and stringent internal security measures to compliance with international regulations and standards like
+GDPR and CCPA, Netdata Cloud ensures a secure environment for users to monitor and troubleshoot their systems.
+
+The use of advanced encryption techniques, role-based access control, and robust authentication methods further
+strengthen the security of user data. Netdata Cloud also maintains transparency in its data handling practices, giving
+users control over their data and the ability to easily access, retrieve, correct, and delete their personal data.
+
+Netdata's approach to anonymous statistics collection respects user privacy while enabling the company to improve its
+product based on real-world usage data. Even in such cases, users have the choice to opt-out, underlining Netdata's
+respect for user autonomy.
+
+In summary, Netdata Cloud offers a highly secure, user-centric environment for system monitoring and troubleshooting.
+The company's emphasis on continuous security improvement and commitment to user privacy make it a trusted choice in the
+data monitoring landscape.
-Netdata maintains a risk-based assessment security program. The framework for Netdata’s security program includes administrative,
-organizational, technical, and physical safeguards reasonably designed to protect the services and confidentiality, integrity,
-and availability of user data. The program is intended to be appropriate to the nature of the services and the size and complexity
-of Netdata’s business operations.
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-17 21:30:18 +0000