Dagster Compass Security Guide
What is Dagster Compass?
Dagster Compass is an AI-powered data analysis assistant that enables teams to interact with their data through natural language queries in Slack. Built by Dagster Labs, Compass leverages LLM providers such as Anthropic and OpenAI to provide intelligent data analysis and visualization while maintaining enterprise-grade security.
Key Security Points
Your Data Stays With You
- We DON'T store: Your actual database data, query results, or sensitive business information
- We DO store: Slack conversations, configuration settings, usage analytics, and documentation you provide for context
How It Works
- You ask questions in Slack
- Compass generates SQL queries
- Queries run in YOUR data warehouse
- Results are processed and answered in Slack
- Only the conversation is saved, not your raw data
Security Features
Encryption
- In Transit: All data encrypted using TLS 1.2+
- At Rest: All stored data encrypted with AES-256
Access Controls
- Read-Only: Can only view data, never modify or delete
- Channel-Based: Bot only accesses channels you invite it to, and each channel can have separate data warehouse service accounts
- Multi-Factor Authentication: Required for all admin access
- Service Accounts: Use dedicated accounts with minimal permissions
AI Privacy
- Your data is never used to train AI models
- AI providers (Anthropic, OpenAI) don't retain your queries
- Enterprise agreements ensure data privacy
Infrastructure
Where Things Live
- Conversations: Slack Enterprise Grid (isolated workspace)
- Application: Render.com (AWS-based, SOC 2 certified)
- Context Docs: GitHub repositories (version controlled)
- Payments: Stripe (if applicable)
Isolation
- Each customer has completely separate:
  - Slack workspace
  - Database connections
  - Bot instances per channel
  - GitHub repositories for context
Monitoring & Compliance
What We Track
- System performance and health
- Usage patterns (anonymized)
- Conversation history (in Slack)
- All configuration changes
Security Monitoring
- Automated threat detection & DDoS protection
- Unusual query pattern alerts
- Rate limiting to prevent abuse
- Regular security audits
Data Retention
Default Retention Periods
- Slack Conversations: Follow your Slack policies
- Analytics: 180 days
- Session Data: Auto-cleanup after 180 days
Data Deletion
- Delete conversations anytime from Slack
- Account deletion removes all stored data
- GDPR/CCPA right to erasure compliance
Your Responsibilities
Must-Do's
- Secure Your Data Warehouse
  - Use dedicated read-only service accounts with minimum required permissions
  - Rotate credentials periodically based on your policies
  - Maintain secure data warehouse environments
- Manage Slack Access
  - Control who can use and administer Compass internally - only invite trained users to Compass Slack channels
  - Train users on appropriate usage
- Review Context Documents
  - Review and approve context documentation
  - Keep context accurate and relevant
- Monitor Usage
  - Review data warehouse audit logs regularly
  - Check for unusual activity
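An added example of the dedicated read-only service account described above, with one login per Slack channel; it is not Dagster's or Compass's own setup script. It assumes a PostgreSQL-compatible warehouse, and the database, schema, role names, password, and expiry date are hypothetical placeholders.

```sql
-- Assumptions (not from the Compass documentation): PostgreSQL-compatible
-- warehouse; database "analytics", schema "reporting", owner role
-- "reporting_owner" and all compass_* role names are hypothetical.

-- 1. Group role that carries the privileges. It cannot log in itself.
CREATE ROLE compass_readonly NOLOGIN;

-- 2. Minimum grants: connect, see one schema, read its tables. Nothing else.
GRANT CONNECT ON DATABASE analytics TO compass_readonly;
GRANT USAGE ON SCHEMA reporting TO compass_readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA reporting TO compass_readonly;

-- 3. Tables created later by the schema owner become readable automatically,
--    so nobody is tempted to hand out broader rights to "fix" a missing table.
ALTER DEFAULT PRIVILEGES FOR ROLE reporting_owner IN SCHEMA reporting
    GRANT SELECT ON TABLES TO compass_readonly;

-- 4. One login role per Slack channel, so each channel's activity is
--    attributable in audit logs and can be revoked on its own.
--    VALID UNTIL enforces password rotation; replace both placeholders.
CREATE ROLE compass_ch_finance
    LOGIN PASSWORD 'REPLACE_WITH_GENERATED_SECRET'
    CONNECTION LIMIT 5
    VALID UNTIL '2099-01-01'   -- placeholder: set to your rotation date
    IN ROLE compass_readonly;

-- 5. Guardrails on top of the grants. A session can override these settings,
--    so they limit accidents and runaway queries; the grants above remain
--    the actual access control.
ALTER ROLE compass_ch_finance SET default_transaction_read_only = on;
ALTER ROLE compass_ch_finance SET statement_timeout = '60s';

-- 6. Remove the ability for every role to create objects in "public"
--    (granted by default before PostgreSQL 15).
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 7. Periodic check: any row returned is a table privilege beyond SELECT
--    held by the group role and should be investigated.
SELECT table_schema, table_name, privilege_type
FROM information_schema.role_table_grants
WHERE grantee = 'compass_readonly'
  AND privilege_type <> 'SELECT';
```

Other warehouses use different grant syntax, but the same structure applies: a non-login privilege role, one credential per channel, and a recurring query that lists anything beyond read access.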
Need Help?
- Security Issues: security@dagsterlabs.com
- Report Vulnerabilities: vulnerability@dagsterlabs.com
- General Support: compass-support@dagsterlabs.com
- Documentation: Help Docs
- System Status: dagstercloud.statuspage.io
Quick Security Checklist
- Your actual database stays in your warehouse
- Only final query results are stored
- All connections encrypted
- Read-only access to data warehouses
- No AI training on your data
- Complete Slack workspace isolation
- Regular security audits
- 24/7 monitoring
Remember: Dagster Compass is designed to be a secure extension of your data team. Your actual data always stays in your control.