Security at Domo is everyone’s job.
In addition, an Executive security council is in place to foster the strong culture of security in the company. This Executive security council is composed of a cross-functional team made up of senior technology and business leaders.
- Multiple logical and physical security layers
- Least privilege and separation of duties access model
- Threat assessments of each new feature
- Transport layer encryption and encryption at rest, that allows customers to manage their own encryption keys
- Extensive logging and monitoring of network, system and application events
Domo enables our customers to always be in control.
In addition to advanced internal security controls, Domo provides extensive self-service security features that enable our customers to stay in control and have full transparency into their data at all times. These include SAML-based SSO, Multi-Factor Authentication, managed encryption keys, IP address restrictions, security profiles, and more.
Domo BYOK is the first Bring Your Own Key (BYOK) enterprise software solution for cloud analytics and business intelligence. It’s designed to let each customer manage their own cloud instance in accordance with internal security and compliance requirements.
Domo BYOK provides the ability to rotate the encryption keys numerous times a day. Through this customer-controlled encryption, customers can revoke encryption keys at any time, nullifying all data in Domo, and making it so no one will have access to their sensitive customer data. With Domo BYOK, customers are always in complete control of their data.
To encourage and streamline the process of responsible reporting of potential security vulnerabilities, the Domo security team is committed to working with security researchers to validate, reproduce, and respond to legitimate reports. If you responsibly submit a vulnerability report to Domo, the Domo security team will:
- Promptly acknowledge receipt of your report
- Provide an estimated time frame for addressing the reported vulnerability
- Notify you when the vulnerability has been resolved
We recognize that security researchers play a very important role in helping us keep Domo and our customers secure. We ask that you share any potential security vulnerabilities privately with Domo before disclosing to third parties or publicly.