Privacy and security information#
When using Neptune in your project, there are several things you can do to control what data is logged and who can access it.
The following sections list some considerations and tips, which may be useful especially if you're working with sensitive data.
Tracking artifact metadata#
Instead of uploading data and other files directly, you can track and version them using Neptune artifacts. Neptune only logs metadata like URL and file path, size, and the last modified time for such artifacts. Neptune supports Amazon S3, Google Cloud Storage (GCS), and other S3-compatible providers.
To learn more, see Track artifacts.
Neptune client vs integrations#
Regarding the Neptune API, the following is good to know:
- Working with the Neptune client library: If you're only using neptune (or neptune-client), you're fully in control of what is logged and sent to Neptune. See the below section for what's logged by default and how to turn it off.
- Working with integrations: If you're using an integration library (such as neptune-pytorch), check the integration guide for what metadata is tracked and how to customize the logging.
Automatically logged metadata#
Neptune runs log certain metadata by default, such as system metrics, the source code used to initialize the run, and Git information.
You can control and disable these options as needed. For details, see What Neptune logs automatically.
Public and private projects#
Neptune projects have three levels of privacy:
- Public: Visible to anyone on the internet.
- Workspace: Only accessible to workspace members.
- Private (on plans with project level access control): Only workspace members specifically assigned to the project can access it.
To improve the security, the ability to create public projects is disabled by default. Admins can enable this option in the workspace settings.
Additionally, you can manage which workspace members can access which projects by choosing a plan that includes access control. (Service accounts always need to be explicitly added to a project in order to access it.)
Deploying Neptune on-premises#
If you need a completely self-hosted solution, you can also deploy Neptune on your own infrastructure.
Neptune only needs to connect to the internet to fetch the installation artifacts; otherwise it does not communicate outwards or send data anywhere (except for what you may have explicitly configured for your installation of Neptune).
To learn more, see On-prem.
Neptune is SOC 2 compliant. You can learn more in the security portal .