Typesense Cloud Security

As a SaaS service that you trust your data with, we understand the immense responsibility we have to safeguard your data. So we’ve put in place industry-leading security and operational measures to keep your data safe when it resides on Typesense Cloud.

We’ve drawn from our diverse and extensive experience of running secure infrastructure at scale in high-compliance environments for over a decade at other leading technology companies, to bake good security and operational principles into the foundations of Typesense Cloud. We also undergo annual audits performed by independent external auditors to certify our security practices.

Here are some key highlights of our security practices:

Data Isolation

Every cluster you create is completely isolated from other users’ clusters at the firewall level and is dedicated to you. So there is no commingling of data and this significantly reduces the blast radius for any potential risks or issues, as they are contained to individual clusters.

The Typesense Cloud Dashboard runs on a separate isolated network and only interacts with customer clusters via tightly controlled service API calls for provisioning, monitoring and deprovisioning.

Encryption

Clusters only have port 443 open to the public internet to respond to API requests over HTTPS. All data exchanged between your systems and your Typesense Cloud cluster is encrypted in transit using industry standard and current encryption protocols for HTTPS.

We use full disk encryption across our entire infrastructure, so data is encrypted at rest as well.

Authentication & Authorization

We offer three forms of authentication:

For email/password based authentication, we require email confirmation within 24 hours of signing up. We enforce account lockouts after a certain number of invalid login attempts. After you sign up, you can turn on 2FA from your account page.

You can also sign up / log in with your GitHub account to authenticate into the Typesense Cloud dashboard. Setting up multi-factor authentication on your GitHub account will then also enable MFA when you log in with GitHub to Typesense Cloud.

We do not charge extra for SAML-based SSO login, but we still require a valid payment method to be on file for your team account for security and verification purposes.

Team Access

When you sign up with an email/password, you can create a team account and invite members by their email address. They'll be sent an invitation email with a special one-time (auto-expiring) link to join your team. Clusters you create under your team account will be accessible to members of your team.

When you sign up with GitHub auth, we sync GitHub organization membership information to create equivalent teams in Typesense. By default, all members of a GitHub organization have access to clusters created under that equivalent team in Typesense Cloud. You can restrict this access to a particular GitHub team by adding this team name on your Typesense Cloud account page.

Role-based Access Control

You can assign roles to each user in your team to control the level of access they have on the Typesense Cloud dashboard. Read more here.

Controlling Access to Data in your Typesense Cloud Cluster

Access to the data you store in your Typesense Cloud cluster is controlled via API keys you can generate via the Typesense Cloud dashboard or via the API. Please ensure that you safeguard your API keys and rotate them regularly. Also ensure that you have the right permissions set for each key you generate, especially ones you use in your frontend applications for search-only purposes. You can also scope API keys so that they can only access a subset of fields or subset of records for multi-tenant or role-based access.
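An added example, not part of Typesense's own documentation or code: a small audit over key definitions that flags the problems this section warns about, namely frontend keys that allow more than search and keys with no expiry to force rotation. The field names (actions, collections, expires_at, description) follow Typesense key objects; the "frontend:" description prefix, the 90-day rotation window and the sample keys are assumptions constructed for illustration.

```python
import time

# Assumption: 90 days is the rotation window; substitute your own policy value.
MAX_KEY_LIFETIME_SECONDS = 90 * 24 * 3600
# Assumption: keys shipped to browsers are tagged with this description prefix.
FRONTEND_PREFIX = "frontend:"

def audit_key(key, now):
    """Return a list of findings for one key definition."""
    findings = []
    actions = key.get("actions", [])
    collections = key.get("collections", [])
    frontend = key.get("description", "").startswith(FRONTEND_PREFIX)

    if "*" in actions:
        findings.append("wildcard action: key can do anything, including writes")
    elif frontend and any(a != "documents:search" for a in actions):
        findings.append("frontend key allows more than documents:search")
    if frontend and "*" in collections:
        findings.append("frontend key is not restricted to named collections")

    # A missing or far-future expiry means the key is never forced to rotate.
    expires_at = key.get("expires_at")
    if expires_at is None or expires_at - now > MAX_KEY_LIFETIME_SECONDS:
        findings.append("no expiry inside the rotation window")
    return findings

def audit_keys(keys, now=None):
    """Map key id -> findings, omitting keys that pass every check."""
    now = int(time.time()) if now is None else now
    report = {k["id"]: audit_key(k, now) for k in keys}
    return {kid: f for kid, f in report.items() if f}

# Constructed sample data shaped like a key listing; these are not real keys.
NOW = 1_700_000_000
SAMPLE_KEYS = [
    {"id": 1, "description": "admin bootstrap", "actions": ["*"],
     "collections": ["*"], "expires_at": 64723363199},
    {"id": 2, "description": "frontend: storefront search",
     "actions": ["documents:search"], "collections": ["products"],
     "expires_at": NOW + 30 * 24 * 3600},
    {"id": 3, "description": "frontend: legacy widget",
     "actions": ["documents:search", "documents:create"],
     "collections": ["*"], "expires_at": NOW + 30 * 24 * 3600},
]

if __name__ == "__main__":
    for key_id, findings in audit_keys(SAMPLE_KEYS, NOW).items():
        print(key_id, findings)
```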

Internal Controls

Administrator access to our production network is tightly controlled via VPN and jump boxes.

We require the use of multi-factor authentication across all services we use.

Data Privacy

We do not access any customer data as a strict matter of policy, unless you’ve given us explicit written approval to do so for debugging any issues.

Once a cluster is terminated, all data associated with it is deleted irrecoverably.

As a privacy best practice, your Typesense Cloud cluster does not set any cookies. As of v0.23 of Typesense Server, we track IP addresses for debugging and rate limiting purposes. We only store these collected IP addresses for a period of 7 days.

If you have strict Data Residency requirements, you can pick a particular region / country when provisioning your Typesense Cloud cluster and your data will not leave that region / country.

Monitoring & Alerting

All logs are centrally collected and monitored for any anomalies.

We have automated monitoring in place that calls our 24x7 on-call personnel should any critical issues arise with the infrastructure.

We monitor your cluster capacity and notify you via email if your memory or CPU usage exceeds recommended thresholds. Based on your approval, we can then do an in-place upgrade of your cluster to accommodate your increased traffic / data. Alternatively, you can opt in to Automatic Capacity Upgrades and we will automatically upgrade your cluster's capacity if it exceeds recommended thresholds in a 12-hour rolling window.

Redundancy

We operate our services in multiple regions around the world, and also multiple physical data centers in every region.

When you provision a cluster and choose to turn on the High Availability configuration, we will spin up nodes in at least 3 different physical data centers and automatically replicate data between them. This ensures that hardware issues with any one particular node in a particular data center do not affect your clusters' uptime.

Physical Security

We use compute services from other Cloud Providers and so do not have any physical servers we run or manage directly. Physical security and redundancy for these data centers are handled by our Cloud Providers.

Operations

We use Linux-based operating systems in our infrastructure and apply patches to them on a regular basis.

We have extensive automated test suites that run on every build. These also include static analysis for any potential security issues.

We do annual pen tests and vulnerability assessments, and remediate any findings shortly after.

Payment Information

We are PCI compliant and do not store any payment card information in our systems. We use an industry-leading payment processor, Stripe, which holds your card information. Card details you enter on our site go directly from your browser to Stripe and do not touch our systems.

Status Communications

In the event of any outages or infrastructure issues, we post updates on our public status page available at https://cloud-status.typesense.org/. You can also subscribe to receive updates from our status page.

You can also set up a "Cluster Alerts" email address on your account page, to which we will send notifications about issues concerning just your cluster. Please be sure to add our domain name to your address book, to ensure delivery of these critical emails to your inbox.

Compliance

We are SOC 2 (Type 2) certified, and evaluated by an independent AICPA certified external auditor. We share our SOC 2 report with customers who purchase the Business Tier support plan or above.

If you find any security issues, please email us at security@typesense.org.