Skip to main content
Security is about protecting the data that your organization uses, stores, and transmits. This data might be sensitive data about customers, financial information, or critical line-of-business data for your organization. With Cognite, you are the owner of your data. We use your data only to provide agreed-upon services. We handle your data securely, and we comply with privacy and legal regulations. If you leave our services, we ensure that you continue owning your data.

Shared security responsibility

Depending on the type of service you select, some security protections are built into the service, while others are your responsibility. With CDF, security is a collaboration between the customer, Cognite, and the cloud service provider (for example, Microsoft or Google).
Diagram showing shared security responsibilities between customer, Cognite, and cloud service provider

Identity and access management

Authentication and authorization are two critical concepts in identity and access management.
  • Authentication is about determining the identity of a person or service trying to access a resource.
  • Authorization defines what level of access an authenticated person or service has. It specifies what data they can access and what they can do with it.
Cognite has built-in features to integrate with your organization’s identity provider (IdP) and manage and update your access management and data governance policies.

More information

Last modified on January 27, 2026