Where MachineCert runs.
MachineCert is deployable as SaaS, private cloud, on-premises, and air-gapped. Our SaaS runs on DigitalOcean, whose data centers maintain independently audited security and physical controls.
Who is responsible
for what.
Security is a shared responsibility between the infrastructure provider, MachineCert, and you. Here is how it divides for the SaaS deployment.
MachineCertapp · data · accessHow the platform is run.
TLS 1.3 in transit, AES-256 at rest, managed key rotation.
Inherited from DigitalOcean’s audited, access-controlled data centers.
Regular backups, redundancy, and tested recovery procedures.
Hardened, isolated environments with least-privilege access.
SaaS, private cloud, on-prem, and air-gapped options.
Continuous security monitoring and alerting.
Run it your way.
Fully managed on DigitalOcean — fastest to value.
Deployed in your own cloud account for tighter control.
Run entirely within your environment, including isolated networks.
Security questions?
We’re glad to answer.
Request documentation, our subprocessor list, or a conversation with the team that builds MachineCert.