> ## Documentation Index
> Fetch the complete documentation index at: https://docs.openlayer.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security

> Learn more about our data security practices and compliance measures.

## Overview

At Openlayer, our number one priority is the security and privacy of our users' data.

Our platform is designed with best-in-class security measures to ensure your data is safe and
secure at every layer. This includes state-of-the-art encryption, safe and reliable infrastructure
partners, and independently verified security controls.

## Authentication Options

Openlayer provides multiple secure authentication methods:

* **Email and Password**: Standard authentication with strong password requirements
* **Google SSO**: Single Sign-On with Google Workspace accounts
* **SAML SSO**: Enterprise-grade Single Sign-On with your identity provider (IdP)
* **Multi-factor Authentication (MFA)**: Add an extra layer of security with authenticator apps and recovery codes

For more information on setting up SAML SSO, including how to authenticate bot users, see our [SAML SSO documentation](/security/saml-sso). To configure multi-factor authentication for your account, see our [Multi-factor Authentication documentation](/security/multi-factor-authentication).

## Certifications

Openlayer is SOC 2 Type II compliant. To receive a copy of the report, email [security@openlayer.com](mailto:security@openlayer.com).

## Report a Vulnerability

You can read more about reporting any suspected security issues, what's in scope
for reports and other guidelines on our [responsible disclosure page](https://openlayer.com/disclosure).

## FAQ

<AccordionGroup>
  <Accordion title="Who is your cloud infrastructure provider and what region is your instance located?">
    We use Amazon Web Services and our region is US West 2.
  </Accordion>

  <Accordion title="Is my data encrypted?">
    All communication outside our cloud environment is encrypted. In addition,
    our databases are encrypted at rest.
  </Accordion>

  <Accordion title="Do you offer role-based access control (RBAC)?">
    Yes. Every workspace member is assigned one of four roles: **Admin**,
    **Member**, **Member Restricted**, or **Viewer**. Each role grants a
    different level of access, from full workspace control (Admin) to read-only
    visibility (Viewer). See [Roles and
    permissions](/security/roles-and-permissions) for full details and a
    permission matrix.
  </Accordion>

  <Accordion title="Can I deploy Openlayer on-premise?">
    Yes, you can self-host Openlayer with a single command. Reach out to us at
    [sales@openlayer.com](mailto:sales@openlayer.com) for instructions.
  </Accordion>

  <Accordion title="Do you support SAML SSO for enterprise authentication?">
    Yes, Openlayer supports SAML SSO with all major identity providers. This
    allows your organization to authenticate users through your IdP, providing
    enhanced security and a streamlined login experience. See our [SAML SSO
    documentation](/security/saml-sso) for setup instructions.
  </Accordion>
</AccordionGroup>