Security & Trust Center
Your data security is our priority
The Databricks Lakehouse architecture is split into two separate planes to simplify your permissions, avoid data duplication and reduce risk. The control plane is the management plane where Databricks runs the workspace application and manages notebooks, configuration and clusters. The data plane handles your data processing. With serverless deployments, the data plane exists in your Databricks account rather than your cloud service provider account. You can enforce your data exfiltration protection requirements with Databricks with security controls like customer-managed VPCs/VNets and admin console options that disable export.
Our security features page covers architectural security controls, such as encryption, access control, and governance.