Enterprise Link
Enterprise-grade control over data and delivery
Protect every artifact with automated policy controls that scale with your business. Cloudsmith makes it easy to enforce security, compliance, and governance across every stage of your software supply chain.
Add an additional layer of security and governance to Cloudsmith with Enterprise Link
Cloudsmith was built secure-by-design. Every artifact, log, and transaction is encrypted and isolated, protecting customer data at every stage. For enterprises that require greater governance or network control, Enterprise Link is a set of controls that add additional options to restrict, isolate and manage connectivity.
These controls add layers of assurance to safeguard your most valuable IP, including org-wide data residency controls, fixed IP ranges to enable firewall rules, IP and geographic blacklisting, and ephemeral tokens for authentication.
By implementing the Enterprise Link controls, enterprises get the benefits of a globally-distributed SaaS solution, with even stronger protection against threat actors and stricter alignment with corporate security policies.
By implementing the Enterprise Link controls, enterprises get the benefits of a globally-distributed SaaS solution, with even stronger protection against threat actors and stricter alignment with corporate security policies.
Access Control & Security
GEO/IP Restrictions at Workspace Level– Apply GEO/IP restrictions to the entire workspace, covering both UI and download endpoints, not just downloads.
Global Workspace Defaults for IP Allow Lists – Set a default IP allow list at the workspace level that applies to all repositories.
Static IP Address Access – Provide access to Cloudsmith from a fixed, small range of static IPs for easier firewall and security management, while reducing data output and NAT costs
OIDC Authentication for Service Accounts – Support OpenID Connect for service accounts, enabling secure token-based authentication and integration with identity providers.
Global Workspace Defaults for IP Allow Lists – Set a default IP allow list at the workspace level that applies to all repositories.
Static IP Address Access – Provide access to Cloudsmith from a fixed, small range of static IPs for easier firewall and security management, while reducing data output and NAT costs
OIDC Authentication for Service Accounts – Support OpenID Connect for service accounts, enabling secure token-based authentication and integration with identity providers.
Data Residency & Storage Configuration
Workspace-Level Repository Storage Regions – Define storage regions at the workspace level instead of per repository for consistency and compliance.
Default Fixed Region for All Data – Configure a single fixed default region for all workspace storage and data to maintain consistent residency.
Default Fixed Region for All Data – Configure a single fixed default region for all workspace storage and data to maintain consistent residency.
Endpoint & Data Protection
Simplified Custom Domains for All Endpoints – Self-serve (or semi-self-serve) configuration of custom domains for all package endpoints, supporting all formats e.g. packages.your-company.com.
Full End-to-End Encryption – Ensure packages are encrypted both in transit and at rest for maximum security and compliance.
Full End-to-End Encryption – Ensure packages are encrypted both in transit and at rest for maximum security and compliance.
Frequently Asked Questions
Ready to get started?
Speak with a Cloudsmith expert about your security and compliance requirements. We're here to help.