Security & Compliance

A secure platform with total data control. By implementing security best practices and procedures, we ensure the confidentiality, integrity and availability of our company and customer data.

Data Governance 

Project-based multi-tenant security model

Hopsworks' unique multi-tenant project model enables sensitive data to be stored in a shared cluster, while still providing fine-grained sharing capabilities for ML assets across project boundaries.

Data Encryption 

Encryption at rest

All data at rest is encrypted to prevent any unauthorized access and prevent data breaches. Our entire platform is also continuously monitored by dedicated, highly trained experienced Hopsworks staff.

Encryption in transit

Service-to-service communications employ industry standard encryption protocols to secure the transport layer such as HTTPs, RPC over TLS.

Secure Software Development Lifecycle

Planning and Development

Security requirements are gathered during designing of new features and continuously evaluated during the development phase. Every patch is scanned against known vulnerabilities using the OWASP framework.

Testing and Deployment

Hopsworks platform is continuously tested using unit and integration tests. We trust our engineers but we try to eliminate human error by using CI/CD pipelines for testing and deployment of new software. Key metrics of the platform are monitored throughout testing and deployment to ensure product quality and integrity.

Penetration testing

Hopsworks is periodically evaluated by external certified security professionals. Any findings are fed back to project management and incorporated into the planning phase.


High Availability

We have designed deployment patterns and best practices to make sure individual component failures do not impact the availability of the Hopsworks cluster.

Disaster recovery

Configuration policies and best practices are implemented to make sure you have a fresh copy of the data and metadata in case of necessity. There are also established procedures and best practices to restore a previous backup if needed.


Contact Hopsworks administration for compliance certificates.

ISO 27001

Hopsworks is certified according to the ISO 27001 framework. ISO 27001 is a globally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system.

Read more

SOC2 Type 2

Hopsworks is certified according to the SOC2 framework. SOC 2 is a globally recognized standard and the report is based on the Trust Services Criteria (TSC), which are a set of principles developed to evaluate the security, availability, processing integrity, confidentiality, and privacy of a service organization's systems and processes. 

Read more


Hopsworks prioritizes data privacy and security, ensuring full compliance with GDPR regulations. Our platform empowers organizations to implement data governance policies, monitor data usage, and enforce data protection measures, thereby safeguarding user privacy and maintaining regulatory compliance at all times.

Read more

© Hopsworks 2024. All rights reserved. Various trademarks held by their respective owners.

Privacy Policy
Cookie Policy
Terms and Conditions