Headed to QCon 2024 in San Francisco? Book a meeting with us!

Momento’s security pillars for secure apps

We prioritize making sure your applications are protected with the highest level of security.

Ellery Addington-White
Author

Share

In the digital era, the security of data is more crucial than ever. At Momento, we prioritize ensuring that your applications are not just efficient, but are safeguarded with the utmost security measures. 

Historically, caching has often been overlooked from a security perspective. However, this isn’t acceptable at Momento. With default features like end-to-end TLS, encryption at rest, and per-request authentication, we eliminate potential end-user misconfigurations that can compromise security.

Our serverless pricing model combined with the instant provisioning of Momento caches means there’s no longer a necessity to share caches across different workloads and teams. This not only enhances security by isolating caches but also ensures cost-effective utilization for each service leveraging Momento. There’s no need to sacrifice security for cost savings.

The pillars of security

  1. End-to-end encryption: Data remains encrypted from the moment of caching to retrieval, ensuring consistent data protection. There is no way to disable TLS connection to your caches eliminating the chance for misconfiguration.
  2. In-memory encryption: Offers an added layer of defense against potential breaches within the system’s memory. 
  3. Adaptable Private Link Support: Whether it’s VPC PrivateLinkTransit Gateway, or VPC peering, Momento accommodates varied AWS account setups, ensuring data remains confined to your network.
  4. Advanced Authentication: We offer a spectrum of authentication methods, each tailored for specific use cases. Create an API key for long-lived server-to-server communications or generate a token for limited-scope, short-lived access via a browser or IoT device. Explore the distinctions between API keys and tokens in our documentation.
  5. Improved Observability: Gain greater insights into your workload and data. With advanced observability and analytics out of the box, get new insights into your company workloads and data access patterns.  
  6. Governance: With best practices enabled by default for security, availability, and monitoring we help developers move faster and safer. Developers can get up and running quicker and stay safe over time. Eliminate the chance of misconfigured cache: and easily enforce best practices across the company.
  7. Rigorous Compliance Standards: At Momento, we believe in “trust but verify”. We perform a SOC2 Type II audit and invest in continual compliance tooling to ensure we’re meeting our rigorous security controls. We can work with you to support workloads needing GDPR and HIPAA compliance, underscoring our commitment to both data security and privacy.

We believe in building applications on a foundation of uncompromising security. Through every facet of caching – be it encryption, authentication, or compliance – we are unwavering in our commitment to safeguarding your data.

Get started with the Momento platform today by creating an account through our console and start building in minutes.

Share