Data security and encryption

This article introduces data security configurations to help protect your data

For information about securing access to your data, see Data governance guide.

Overview of data security and encryption

Databricks provides encryption features to help protect your data. Not all security features are available on all pricing tiers. The following table contains an overview of the features and how they align to pricing plans.


Pricing tier

Customer-managed keys for encryption


Workspace settings for data security


Enable customer-managed keys for encryption

Databricks supports adding a customer-managed key for workspace storage to help protect and control access to data. You can configure your own key to encrypt the data on the GCS bucket associated with the Google Cloud project that you specified when you created your workspace. The same key is also used to encrypt your cluster’s GCE persistent disks. For more information, see Customer-managed keys for workspace storage

Manage workspace settings

Databricks workspace administrators can manage their workspace’s security settings, such as the ability to download notebooks and enforcing the user isolation cluster access mode. For more information, see Manage workspace settings.