Introduction
We work hard, day-in and day-out, to provide our customers with great solutions. While we’re updating and tweaking our features list on an ongoing basis, we encounter lots of burning questions from both our customers and prospective users. This is why we want to take the time to answer them as well as we can. Here are some frequently asked questions about PingCAP – Answered!
General
What is TiDB’s Trust Hub?
The Trust Hub is your central resource for learning about how TiDB protects your data, ensures privacy, and complies with industry regulations. It provides transparency into our security practices, compliance certifications, privacy policies, and more. Our goal is to give you peace of mind that your data is safe, secure, and managed responsibly.
Security
Does PingCAP have policies for information security management?
Yes, PingCAP has documented and implemented information security management policies that are aligned with industry standards and regularly reviewed. These policies govern internal processes such as access control with Multi-Factor Authentication (“MFA”) and approval workflows, change and configuration management, secure data handling, monitoring and incident response, and employee training, ensuring security is embedded into daily operations.
How does PingCAP protect customer data?
PingCAP have established strict access controls to ensure that only authenticated individuals can access systems that process our customers’ cluster data. These controls—including MFA, password strength enforcement, and the use of virtual private networks (VPNs) for administrative access—are designed to prevent unauthorized access. We also utilize bastion hosts as an intermediary for access to sensitive systems, enforcing hardened access, logging, and monitoring via proxy, and implementing strict approval workflows before access is granted. Additionally, we maintain centralized logging, including proxy and access logs, to comprehensively record access to customer cluster data and the systems hosting it.
What does PingCAP do to review its third-party vendors?
For our Cloud services, we use reputable service providers that consistently undergo independent third-party audits—such as SOC 2 and ISO 27001 certifications—to validate the security of their platforms (See here for a list of our subprocessors), and we periodically review these audit reports and certifications to maintain a high standard of trust and assurance. Rest be assured that we carefully evaluate all our vendors to ensure they align with our security and compliance requirements.
Does PingCAP implement any physical and environmental controls to protect customer data?
Our cloud services are hosted on certified cloud platforms managed by industry-leading infrastructure-as-a-service providers, including Amazon Web Services (AWS), Google Cloud and Microsoft Azure, which have appropriate physical security measures in force at the premises where the customers’ data will be processed and stored.
Is data encrypted at rest and in transit?
Yes, TiDB Cloud ensures that all customer data is encrypted at rest and in transit, with the option for file-level encryption via CMEK under their KMS control.
Are penetration tests performed against PingCAP’s services?
Third parties perform application and network penetration tests against our Cloud services annually at a minimum.
Does PingCAP publicly publish vulnerabilities affecting our products?
We post vulnerabilities that have been fixed at https://www.pingcap.com/security/
How can customers protect their PingCAP accounts?
Security is a our top priority in product development, and it is the very foundation of our services. On top of that, it is important that customers keep their cluster configured securely and maintaining the confidentiality of their login credentials. For example, customers must make sure that they set secure passwords and use caution when enabling custom plugins; customers should not share their credentials with unauthorized individuals.
How can I contact PingCAP if I have concerns about data security or privacy?
We appreciate our partnership with you to keep our customers — and the internet— safe. If you have any concerns or questions about data security, privacy, or compliance, please feel free to contact our compliance team at privacy@pingcap.com. We are here to help and will address your inquiries promptly.
Data Privacy
Who owns the data that customers put into PingCAP’s Cloud services?
The customers will always be the owners of the data that they entrust with us, and as a service provider, we use their data only in accordance with their documented instructions. We provide our customers with tools to control their data on their own terms and implement stringent security measures to safeguard their data.
How does PingCAP use customer data?
Customer data belongs to our customers, and therefore, we strictly follow documented instructions from our customers, i.e. to fulfill our contractual obligation to deliver our services, and will not process the data in a way that is imcompatible with the stated purposes. We follow the general principles of lawfulness, fairness and transparency, and will NEVER sell your data to any third parties. Customer data will be processed in a way that ensures its security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage. We hope ourselves responsible for compliance with regulations including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and privacy best practices.
How can I be sure customer data in PingCAP’s Cloud services is secure?
We work diligently to earn your trust. We’ve obtained industry-leading compliance audits and certifications for the our Cloud services, including:
- SOC 1, SOC 2, and SOC 3
- ISO/IEC 27001 for information security management
- ISO/IEC 27701 for privacy information management
- PCI-DSS for payment card data security
- HIPAA as a Business Associate for handling healthcare data
- GDPR compliance for EU residents
- CCPA compliance for California residents
These certifications reflect our commitment to maintaining the highest security and privacy standards, and they prove that effective security practices are inherent in all of our activities, including product development and deployment, vulnerability management, incident management, and threat-handling processes. To learn more, navigate to our Compliance page.
How does PingCAP manage different types of data?
At PingCAP, protecting customer trust is our highest priority. We enforce strict controls under our internal Data Classification and Access Policy, ensuring that support personnel only access the minimum data necessary to deliver assistance.
Customer data
No one on the PingCAP side has access to your customer data. All customer data remains under your exclusive control.
Diagnostic data
Diagnostic logs, metrics, and traces are collected through secure telemetry channels. Before this data is made available to support, we make best efforts to ensure that no customer data is exposed by automatically redacting sensitive fields. In certain cases, we may request additional diagnostic information to assist in troubleshooting, but this will never include direct access to customer data.
Cluster operations (Start, Pause, Modify, Scale, etc.)
When support or engineering assistance is needed to perform cluster-level operations, access will be authorized only after going through multiple approvals, and will be audited regularly. On top of that, personal data such as customer name will be completely masked. Data masking is the process of hiding or obscuring sensitive personal or confidential information in service tickets, such as names, email addresses, phone numbers, account numbers, or financial data. As such, our supporting staff will NOT be able to see any such personal data.
Support ticket handling
PingCAP provides 24×7 global support coverage through centers in the United States, Canada, Japan, Malaysia, and the Netherlands. Our support teams use the information you provide in the ticket, along with sanitized diagnostic data and masked data, to investigate and resolve issues while remaining fully compliant with applicable regulations. The reason why we mask data is, to prevent unauthorized access and reduce the risk of data leaks; this way, we protect user privacy and comply with data protection regulations (like GDPR, HIPAA, or CCPA)
Where does PingCAP store customer data? How does TiDB ensure data sovereignty?
PingCAP leverages Cloud Service Providers like Amazon Web Services (AWS), Google Cloud and Microsoft Azure to deliver our Cloud services. We offer global hosting options through these providers, allowing you to choose the region that best meets your data residency requirements. By default, backups are stored in the same region as your selected deployment location. We adhere to data sovereignty principles, ensuring that data is stored and processed within the legal jurisdiction of the relevant region.
Can PingCAP access customer data?
PingCAP’s support personnel are strictly precluded from accessing any of your data without explicit customer authorization. Any access or utilization of user data requires customer approval, and internal access at PingCAP is strictly governed—only permitted after rigorous approval workflows involving both the business and security teams.
How does PingCAP handle payment related information?
PingCAP does not process payment information; rather, PingCAP relies on Stripe as our service provider (See here) to ensure the secure handling of payment card information. Nevertheless, we comply with the Payment Card Industry Data Security Standard (“PCI-DSS”) to demonstrate and ensure that our services adhere to the industry standards (see here).
Does PingCAP use sub-processors to process customer data?
Yes, please see here for a list of service providers that we use as our sub-processors. We periodically evaluate the privacy and security controls of all sub-processors that may access customer personal data.
Can I use TiDB Cloud in compliance with GDPR?
TiDB Cloud includes features designed to support compliance with GDPR and other global data protection and privacy regulations. To help meet your GDPR contractual obligations, we offer a Data Processing Addendum (DPA). Additionally, PingCAP adheres to the Data Privacy Framework for processing personal data received from the European Union, United Kingdom, and Switzerland (see here).
What mechanism does PingCAP use to transfer customer personal data outside of the EEA, Switzerland, and the UK?
We rely on current Standard Contractual Clauses (SCCs, see here) – including the controller-processor or processor-processor module (as applicable) with our customers and the processor-processor module with our sub-processors – and on our participation in the Data Privacy Framework for European data transfers to the US, as well as on robust supplementary measures (see here).
Is PingCAP Certified under the U.S. Department of Commerce’s Data Privacy Framework?
Yes, PingCAP is certified under the EU-US Data Privacy Framework (see here). To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/s/.
Where is customer support being handled?
Depending on regions, all global customers are supported by staff located in the US, Japan, Singapore, Romania and/or Malaysia.
Compliance
Which compliance frameworks is PingCAP compliant with?
PingCAP is compliant with ISO 27001, ISO 27017, ISO 27018, SOC 2 Type II, PCI-DSS and HIPAA. To learn more, navigate to our Compliance page.
What is SOC 2 compliance and why is it important?
SOC 2 (Service Organization Control 2) is a widely recognized standard for evaluating the security, availability, processing integrity, confidentiality, and privacy of systems. SOC 2 compliance demonstrates that TiDB has implemented strong controls to protect your data and ensure the reliability of our services. We undergo regular independent audits to verify our adherence to these standards.
What are PingCAP’s responsibilities as a HIPAA Business Associate?
As a HIPAA Business Associate, TiDB is responsible for ensuring the security and privacy of Protected Health Information (“PHI”) . We comply with HIPAA requirements for Business Associates, including encryption, access controls, and security monitoring, to protect healthcare data in accordance with U.S. regulations. We also maintain Business Associate Agreements (“BAA”s) with our healthcare partners to ensure compliance.