In this article, we’ll break down DataStori’s execution model and explain how your data remains fully under your control—never leaving your environment and always governed by your internal data policies.
DataStori Execution Model: Keeping Your Data Secure
---
What Is the Hybrid Execution Model?
DataStori operates using a hybrid execution model that separates control from execution:
- The DataStori web application manages and orchestrates the pipelines.
- The actual pipeline execution and data storage takes place entirely within your own cloud environment.
This architecture ensures that your data remains inside your IT infrastructure at all times, which is critical for organizations focused on data privacy, compliance, and security.
---
How Execution Works in Your Cloud
When a pipeline is triggered, DataStori sends only the necessary instructions, code, and credentials to your cloud environment. It then provisions the required compute and infrastructure to execute the pipeline on your behalf.
> Importantly, DataStori never sees your data. Its access is limited to provisioning and orchestrating compute resources—it cannot read, write, or access the actual data flowing through your pipeline.
---
Data Never Leaves Your Environment
Once the infrastructure is live, your data flows securely between your cloud storage and business applications—without ever passing through DataStori servers.
DataStori’s role is limited to:
- Monitoring pipeline progress (success, failure, or retries)
- Providing visibility into execution status
Because execution takes place in your cloud:
- Your data never leaves your environment
- You maintain full control over governance and access policies
- Deployments are supported across AWS, Azure, or GCP in any region
---
Built-in Data Security for Compliance
To further enhance data governance, DataStori provides advanced security features that help you meet regulatory and compliance requirements:
Key Capabilities
- Selective Column Output
Include only the necessary columns in your final dataset to minimize data exposure.
- Column-Level Encryption
Encrypt sensitive or personally identifiable information (PII) before writing it to your data warehouse.
- Data encryption - Customer managed keys and client side encryption
These tools are particularly valuable in compliance-heavy industries such as:
- Finance
- Healthcare
- Insurance
> Organizations in these sectors use DataStori’s granular controls to build secure, audit-ready data pipelines—while keeping their data fully protected within their own infrastructure.
---
Data security within DataStori application
The DataStori web application manages and orchestrates the pipelines. The application itself is SOC2 compliant and employs the best practices suggested by AWS.
Please refer to the DataStori security guide for details on how the application is secured.
For more information on security, please contact us at contact@datastori.io
