Link Search Menu Expand Document

Data security and privacy

Soda works in several ways to ensure your data and systems remain private.

Making secure connections

Installed in your environment, you use the Soda Core command-line tools to securely connect to a data source using system variables to store login credentials.

You can connect Soda Core to your Soda Cloud account. To communicate with your data source, Soda Cloud uses a Network Address Translation (NAT) gateway with the IP address 54.78.91.111. You may wish to add this IP address to your data source’s passlist.

Single sign-on with Soda Cloud

Organizations that use a SAML 2.0 single sign-on (SSO) identity provider can add Soda Cloud as a service provider. Once added, employees of the organization can gain authorized and authenticated access to the organization’s Soda Cloud account by successfully logging in to their SSO. Refer to Single sign-on with Soda Cloud for details.

Sending data to Soda Cloud

Soda Core usse a secure API to connect to Soda Cloud. When Soda Core completes a scan, it pushes the scan results to your Soda Cloud account where you can log in and examine the details in the web application.

Notably, your Soda Cloud account does not store the raw data that Soda Core scans. Soda Core pushes metadata to Soda Cloud; by default all your data stays inside your private network.

Soda Cloud does store the following:

  • metadata, such as column names
  • aggregated metrics, such as averages
  • sample rows and failed rows, if you explicitly set up your configuration to send this data to Soda Cloud

Where your datasets contain sensitive data or private information, you may not want to send failed row samples from your data source to Soda Cloud. In such a circumstance, you can disable the failed row samples feature entirely in Soda Cloud.

Read more about Soda’s Privacy Policy.

Compliance and reporting

In April 2022, an independent review of Soda’s source code was conducted and the result indicated that the code is sound.

As a result of an independent review in April 2022, Soda has been found to be SOCII Type 2 compliant. Contact support@soda.io for more information.



Was this documentation helpful?

What could we do to improve this page?


Last modified on 30-Sep-22