Domo’s Trust Program.
Enterprise-grade data protection that scales.
Security Council, composed of a cross-functional team of senior technology and business leaders, fosters the strong culture of security at Domo.
Built-in security features.
Domo has built security, compliance, and privacy controls into every layer of the platform, and includes customer-managed security features.
Domo continuously reviews security standards and features to ensure compliance with industry-accepted best practices and frameworks.
To ensure the requirements of customers and regulators are met, Domo completes numerous audits, assessments and compliance requirements—including rigorous third party network and system penetration tests.
Over 32% of Fortune 50 Global companies, including many of the largest organizations in the US, Europe, Asia, and Australia, trust Domo for robust, scalable data protection.
Stay in control with Domo’s security framework that includes:
- Multiple logical and physical security layers
- “Least privilege” and “separation of duties” access model
- Threat assessments of each new feature
- Transport layer encryption and encryption at rest
- Extensive logging and monitoring of network, system, and application events
"We wanted to manage data as a corporate asset, and Domo was a good listener. They helped us draw a framework, an architecture, and a governance model that helped us achieve that."
Pedro Maia | Director of IT, Data, BI and Analytics at EDP Comercial
Customer-managed security features.
In addition to advanced internal security controls, Domo provides extensive self-service security features that enable our customers to stay in control and have full transparency into their data at all times.
"As the security officer, I was incredibly aware of the fact that we were putting sensitive information out there. We needed it to be permission-based so that not just anybody who logs into the gateway at a certain company could have access to all this information… Since everything was in the gateway already, we had the ability to make those logins very specific as to what you had access to, which we took advantage of."
Jenni Murer | Chief Information Officer
Bring Your Own Key (BYOK) encryption.
With Domo’s BYOK encryption, you can manage your own cloud instance in accordance with internal security and compliance requirements. Domo BYOK provides the ability to rotate the encryption keys numerous times a day. You can revoke encryption keys at any time, nullifying all data in Domo, and ensure that no one will have access to sensitive customer data.
Responsible Disclosure Program
To encourage and streamline the process of responsible reporting of potential security vulnerabilities, the Domo security team is committed to working with security researchers to validate, reproduce, and respond to legitimate reports.
If you responsibly submit a vulnerability report to Domo, the Domo security team will:
- Promptly acknowledge receipt of your report
- Provide an estimated time frame for addressing the reported vulnerability
- Notify you when the vulnerability has been resolved