content/operate/rc/security/_index.md
Redis Cloud provides a number of ways to secure subscriptions and databases.
As a Redis Cloud user, consider these security domains:
First, you might want to review our [shared responsibility model]({{< relref "/operate/rc/security/shared-responsibility-model" >}}) for security.
The Redis Cloud console is the web application you use to manage your Redis Cloud deployments.
Secure access to the Redis Cloud console by:
Assigning appropriate roles to [team members with access]({{< relref "/operate/rc/security/access-control/access-management#team-management-roles" >}}).
Enabling [multi-factor authentication]({{< relref "/operate/rc/security/access-control/multi-factor-authentication" >}}).
Enabling [SAML SSO]({{< relref "/operate/rc/security/access-control/saml-sso" >}}).
{{< note >}} A user session on Redis Cloud expires after 30 minutes. You'll be signed out of Redis Cloud after 30 minutes of inactivity. {{< /note >}}
You have several options when it comes to securing your Redis Cloud databases. For more information, see [Cloud database security]({{< relref "/operate/rc/security/database-security/" >}}). Options include:
The Redis Cloud API allows you to programmatically administer your subscriptions and database deployments. This API is disabled by default. When you [enable the API]({{< relref "/operate/rc/api/get-started/enable-the-api" >}}), you can then [manage the API keys]({{< relref "/operate/rc/api/get-started/manage-api-keys" >}}) for all owners of your Redis Cloud account. For an overview of the security features of the API, see the [API authentication documentation]({{< relref "/operate/rc/api/get-started/" >}}).
{{< university-links >}}