What's included in Dataroom Enterprise?

SAML SSO, SCIM provisioning, per-tenant key isolation (customer-managed KMS), audit log streaming to your SIEM, custom DPA and MSA, custom 99.99% uptime SLA with credit math, named CSM, and 24×7 on-call for Sev-1. From $50,000/year.

Can I self-host Dataroom?

Yes, on Enterprise. Run inside your own VPC on Kubernetes (Helm chart provided). Air-gapped option available for the most locked-down environments. Customer-supplied KMS for envelope encryption.

How fast is your procurement turnaround?

Security overview within an hour. We answer custom security questionnaires within 48 hours under NDA. MSA + DPA back from legal within a week for most customers.

Log inGet started

Loading…

Log inGet started

Enterprise

Same product. Different paper.

SSO, SCIM, residency, per-tenant keys, audit streaming, support, and the contract your security team needs before rollout.

Talk to sales Security overview

dataroom.com/settings/security

Enterprise control plane

Atlas Energy workspace·2,184 users·EU region·audit stream healthy

ExportReview

SSO groups

Audit rows

8.4k

Keys

SLA

99.99

Security8AuditliveResidencyEU

Policy controls

active

SAML SSO

Okta group-mapped

active

SCIM

JIT provisioning on

active

Residency

EU Frankfurt

active

KMS

customer-managed

Audit stream

group.mapped

Legal reviewers → room:read

just now

kms.rotated

EU tenant key v4 promoted

4m ago

scim.synced

18 users updated from Okta

9m ago

audit.exported

Datadog stream acknowledged

14m ago

ChatGPT Claude Perplexity Gemini Grok

What you get

The lines procurement underlines.SSO, SCIM, residency, keys, audit.

Enterprise controls

Featured capability

SAML SSO & SCIM

Okta, Azure AD, Google, JumpCloud, OneLogin. Group-mapped roles via SCIM. Just-in-time provisioning.

Feature stackworkspace layer

SAML SSO & SCIM

Granular access controls

Per-tenant key isolation

Granular access controls

Per-link, per-room, per-recipient gates - expiry, view caps, IP and country allow-lists, watermarks, instant revoke.

Per-tenant key isolation

Customer-managed KMS keys on AWS or GCP. Hold your own keys, revoke on demand.

Audit log API

Stream every action - admin or user - to your SIEM. Splunk, Datadog, Elastic, all supported.

Named CSM & on-call support

A real human on Slack Connect. 24×7 on-call for Sev-1, with response SLAs in your contract.

Custom SLA & uptime credits

99.99% uptime guarantee, with credit math written into your MSA. Audited monthly.

Deployment

Three ways to run Dataroom.Hosted, single-tenant, VPC.

Multi-tenant SaaS

From $50k / yr

Same hosted Dataroom, with enterprise SSO, audit log streaming, and per-tenant key isolation.

SSO/SCIM
Custom domains
Audit streaming
Named CSM

Talk to sales

Single-tenant cloud

From $150k / yr

Dedicated AWS or GCP account, single-tenant database, customer-managed KMS, isolated networking.

Dedicated infra
Customer KMS
Isolated networking
Quarterly DR drills

Talk to sales

Self-hosted (VPC)

By quote

Run Dataroom inside your own VPC on Kubernetes. Air-gapped option for the most locked-down environments.

In your VPC
Air-gap option
Customer-supplied K8s
Quarterly audits

Talk to sales

Procurement

We answer your security questionnaire on day one.Access, audit, DPA, answers.

We answer custom security questionnaires under NDA. Security overview, subprocessor list, and data-processing terms shared via the trust portal.

Request the security overview

Security overview & control summary

Subprocessor list, updated quarterly

Data Processing Agreement (DPA)

Custom security questionnaires under NDA

Audit log export & SIEM streaming

Incident response policy & runbook

Review the enterprise-adjacent surfaces.

Security overview Trust portal Access control DPA Subprocessors Talk to sales

Let's talk paper.

Custom MSA, DPA, and the SLA your team wants.

Talk to sales

Loading…

Enterprise

Same product. Different paper.

SSO, SCIM, residency, per-tenant keys, audit streaming, support, and the contract your security team needs before rollout.

Talk to sales Security overview

dataroom.com/settings/security

Enterprise control plane

Atlas Energy workspace·2,184 users·EU region·audit stream healthy

ExportReview

SSO groups

Audit rows

8.4k

Keys

SLA

99.99

Security8AuditliveResidencyEU

Policy controls

active

SAML SSO

Okta group-mapped

active

SCIM

JIT provisioning on

active

Residency

EU Frankfurt

active

KMS

customer-managed

Audit stream

group.mapped

Legal reviewers → room:read

just now

kms.rotated

EU tenant key v4 promoted

4m ago

scim.synced

18 users updated from Okta

9m ago

audit.exported

Datadog stream acknowledged

14m ago

ChatGPT Claude Perplexity Gemini Grok

What you get

The lines procurement underlines.SSO, SCIM, residency, keys, audit.

Enterprise controls

Featured capability

SAML SSO & SCIM

Okta, Azure AD, Google, JumpCloud, OneLogin. Group-mapped roles via SCIM. Just-in-time provisioning.

Feature stackworkspace layer

SAML SSO & SCIM

Granular access controls

Per-tenant key isolation

Granular access controls

Per-link, per-room, per-recipient gates - expiry, view caps, IP and country allow-lists, watermarks, instant revoke.

Per-tenant key isolation

Customer-managed KMS keys on AWS or GCP. Hold your own keys, revoke on demand.

Audit log API

Stream every action - admin or user - to your SIEM. Splunk, Datadog, Elastic, all supported.

Named CSM & on-call support

A real human on Slack Connect. 24×7 on-call for Sev-1, with response SLAs in your contract.

Custom SLA & uptime credits

99.99% uptime guarantee, with credit math written into your MSA. Audited monthly.

Deployment

Three ways to run Dataroom.Hosted, single-tenant, VPC.

Multi-tenant SaaS

From $50k / yr

Same hosted Dataroom, with enterprise SSO, audit log streaming, and per-tenant key isolation.

SSO/SCIM
Custom domains
Audit streaming
Named CSM

Talk to sales

Single-tenant cloud

From $150k / yr

Dedicated AWS or GCP account, single-tenant database, customer-managed KMS, isolated networking.

Dedicated infra
Customer KMS
Isolated networking
Quarterly DR drills

Talk to sales

Self-hosted (VPC)

By quote

Run Dataroom inside your own VPC on Kubernetes. Air-gapped option for the most locked-down environments.

In your VPC
Air-gap option
Customer-supplied K8s
Quarterly audits

Talk to sales

Procurement

We answer your security questionnaire on day one.Access, audit, DPA, answers.

We answer custom security questionnaires under NDA. Security overview, subprocessor list, and data-processing terms shared via the trust portal.

Request the security overview

Security overview & control summary

Subprocessor list, updated quarterly

Data Processing Agreement (DPA)

Custom security questionnaires under NDA

Audit log export & SIEM streaming

Incident response policy & runbook

Review the enterprise-adjacent surfaces.

Security overview Trust portal Access control DPA Subprocessors Talk to sales

Let's talk paper.

Custom MSA, DPA, and the SLA your team wants.

Talk to sales