Data Security
Security, privacy, & compliance
At Leafcloud, we care a great deal about your privacy and the security of your data. Here you can find out all about how we go about guaranteeing data security

Security
Learn about
disagregated storage and compute, compliance, and encryption and security features
Compliance
Certifications
Leafcloud maintains strict data security standards and is audited annually to maintain ISO27001 and SOC2 type-II certifications and standards.

Architecture
Distributed data processing
Leafcloud uses a distributed architecture. It consists of a core, housed in a traditional Tier-III data center, and several Leaf sites. Each site is connected to the core using a private dark-fiber connection.

Disaggregated
Splitting storage and compute
Data at rest is always stored in the data center. A compute instance (VM) starts with a network-attached disk, only reading the bits needed for processing at the Leaf site and confining these to the RAM. This means data is never stored at a Leaf site and no data can be stolen from a compute instance at a Leaf site.

encryption
LUKS full disk encryption
All volumes are encrypted by default using Linux Unified Key Setup (LUKS), a kernel-based encryption method. With this mechanism, storage data is only decrypted and encrypted on the VM instance. As a result, no data traverses the network unencrypted.

secure data processing
Security at Leaf sites
Leafcloud Leaf sites are housed at undisclosed locations. Access to Leaf sites is strictly controlled and Leaf sites contain several layers of security. These include but are not limited to: • Multiple layers of physical access control • CCTV surveillance • Facility access logging • Full disk encryption. Despite the unlikely event of unauthorized access, servers housed in Leaf sites are devoid of compromising data. Sensitive data on Leaf sites is limited to passage through RAM. This means data is never stored at a Leaf site and no data can be stolen from a compute instance at a Leaf site.

secure storage
Safe & secure in the core
Your data is stored at our core location in a T-III data center with the following certifications.

software
Hardend OpenStack cluster
Leafcloud uses OpenStack, which is an open-source cloud initiative and therefore both transparent and constantly being improved. With over 500 member companies and thousands of active users it is the largest open-source cloud computing platform. Our OpenStack cluster utilizes the best practices for multi-tenancy on a cluster. This includes using the KVM Hypervisor and GRE separated user networks. Our implementation partner StackHPC has years of experience building and hardening OpenStack clusters.

Carbon Reducing
Calculate your Yearly Climate Gain
Our compute heavy machines are housed in apartment complexes and care homes. That's means your workload reduces emissions for heating shower water. With the heat from your workload people in a care home get a hot shower! Find out how much you can prevent
Accelerate now
We believe in open communication and transparant offerings. You can always reach us by email and if you're having trouble with a project, just hop on Slack with one of our devs.