This document describes how New Relic protects the security of your data. For more information about our security measures, see our data privacy documentation and the New Relic Security website.
Secured content
Data for New Relic accounts are isolated so that users can only see the data for accounts they own (or have been given permission to see). New Relic also has certain rights regarding customers' data, described in the Terms and Conditions page on the New Relic website.
Analytics
In order to help us improve our product and user experience, New Relic uses third-party analytics services to better understand the behavior of users on our site. The user data that New Relic collects is used solely by New Relic and is not shared, sold, or rented to any third parties for their own use. For more information, see our Services data privacy notice.
Data transmission and firewalls
The New Relic agent communicates with two hosts:
collector.newrelic.comcollector-nnn.newrelic.com, where nnn is a numerical value
Typically the numbered host is fixed for your account, and it appears in log/newrelic.agent.log.
For required changes when you want to create firewall rules to allow the agent to communicate, see Networks. For more information about security measures for your data in transit to New Relic or at rest in our storage, see Data encryption.
Cloud data storage
New Relic uses a multi-cloud data storage approach in two regions currently, the United States and the European Union. We currently have data storage in Amazon Web Services and Azure in those regions. Data is stored in our New Relic telemetry database.
We have specific certifications and standards as it pertains to data storage, which can be found in more detail in our Certifications, standards, and regulations documentation.
Data access
Access to account data by New Relic employees is limited to a necessary set of users consistent with their assigned New Relic responsibilities. Except to the extent necessary to provide subscribed services and as documented in our Services data privacy notice, customer account data is not shared with any third parties. All customer account data access is logged and regularly audited.
HTTP parameters disabled by default
By default, New Relic agents disable collection of HTTP request parameters, such as the query string of a URL. This is an automatic safeguard to protect potentially sensitive data. New Relic collects and displays HTTP parameters only when you explicitly enable them in your agent configuration file.