We(company) is looking to use Metabase self-hosted open source version in our project. Currently reviewing the metabase security standards , disaster recovery plan, etc before we make a final decision in the project. Could you please provide a link to -
Metabase data center location
Security/privacy certification status
Names and links to 3rd parties/services that are used to support the metabase solution
Data encryption standards used
Vulnerability management policy and procedures
Data breach policy related to customer data
DR plan
It would be very helpful if all the above requested information are provided to leverage the best capabilities of metabase.
I am looking for Location of metabase maintained hardware/software locations( could be an on-perm data center location or cloud hosted )
Does that mean metabase isn't compliant on example- ISO 27001 or other ISO security certifications, SOC2, FedRAMP, Cloud Security Alliance, HIPAA/HITRUST, CMMC, PCI-DSS, GDPR etc.security standards ?
To reframe my question- how would metabase handle disaster recovery procedure?
Additionally if required to reach out to metabase support team for helping us resolve an issue, can you provide info of support personnel(team) who has access to our technical artifacts -
Geographic location of support personnel
Can they be limited to United States(our office location)?
How does metabase screen their support personnel(contractors, FTE who help us in resolving the case)?
Can personnel undergo a US federal government client required background investigation if required?
Hi @sramesh, as @flamber mentioned, if you will be using your own infrastructure to host Metabase, then all questions regarding location of datacenters, standards, etc, have to be answered by your hosting provider, not us, since we only provide an open source software that you run.
If you need answers about our hosting solution (Metabase Cloud) since you will use our Cloud to host your Metabase software or you're considering to purchase Metabase Enterprise, then please write an email to support. Thanks