Security White Paper

Fine-Grained Authorization

UGO uses Identity and Access Management (IAM) to implement fine-grained permission management. IAM provides identity authentication and access control, grants different permissions to different user groups, uses fine-grained authentication to control the usage scope of UGO resources, and ensures users have secure access to services.

Network Isolation

UGO connects to a source database through a public network and connects to a target database through a non-public network.

UGO and the target database are located in different VPCs, and their networks are isolated by default. UGO is authorized to establish a VPC endpoint to connect to the target database, so the connection process is point-to-point. Networks of different users connected to UGO are still isolated from each other.

High Availability

UGO uses the multi-node DR mechanism to ensure high availability.

Storage Encryption

UGO takes security measures, including but not limited to encryption, for sensitive information such as user database accounts and passwords to ensure data security.

Transmission Encryption

UGO provides SSL for connecting to the source and target databases to improve data transmission security.

Data Deletion

When UGO evaluation or migration tasks are deleted, all task data of users is also deleted and cannot be restored.