In the digital era, the security of data is more crucial than ever. At Momento, we prioritize ensuring that your applications are not just efficient, but are safeguarded with the utmost security measures. 

Historically, caching has often been overlooked from a security perspective. However, this isn’t acceptable at Momento. With default features like end-to-end TLS, encryption at rest, and per-request authentication, we eliminate potential end-user misconfigurations that can compromise security.

Our serverless pricing model combined with the instant provisioning of Momento caches means there’s no longer a necessity to share caches across different workloads and teams. This not only enhances security by isolating caches but also ensures cost-effective utilization for each service leveraging Momento. There’s no need to sacrifice security for cost savings.

The pillars of security

1. End-to-end encryption: Data remains encrypted from the moment of caching to retrieval, ensuring consistent data protection. There is no way to disable TLS connection to your caches eliminating the chance for misconfiguration.
2. In-memory encryption: Offers an added layer of defense against potential breaches within the system’s memory. 
3. Adaptable Private Link Support: Whether it’s VPC PrivateLink, Transit Gateway, or VPC peering, Momento accommodates varied AWS account setups, ensuring data remains confined to your network.
4. Advanced Authentication: We offer a spectrum of authentication methods, each tailored for specific use cases. Create an API key for long-lived server-to-server communications or generate a token for limited-scope, short-lived access via a browser or IoT device. Explore the distinctions between API keys and tokens in our documentation.
5. Improved Observability: Gain greater insights into your workload and data. With advanced observability and analytics out of the box, get new insights into your company workloads and data access patterns.  
6. Governance: With best practices enabled by default for security, availability, and monitoring we help developers move faster and safer. Developers can get up and running quicker and stay safe over time. Eliminate the chance of misconfigured cache: and easily enforce best practices across the company.
7. Rigorous Compliance Standards: At Momento, we believe in “trust but verify”. We perform a SOC2 Type II audit and invest in continual compliance tooling to ensure we’re meeting our rigorous security controls. We can work with you to support workloads needing GDPR and HIPAA compliance, underscoring our commitment to both data security and privacy.

We believe in building applications on a foundation of uncompromising security. Through every facet of caching – be it encryption, authentication, or compliance – we are unwavering in our commitment to safeguarding your data.

Get started with the Momento platform today by creating an account through our console and start building in minutes.

Ellery Addington-White

Author

Founding Engineer at Momento building the world’s first serverless cache. Passionate about pushing the boundaries and taking the serverless and multi-cloud developer experience to the next level. Strong engineering professional with a BS in Computer Science from Beloit College with a demonstrated history working with startups from day 1 up to global scale enterprises. Enjoy diving into any part of the software stack in any language and take on both business and technical challenges.