diff --git a/Dockerfile b/Dockerfile
index 0930dd39..a4177aba 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:12 as builder
+FROM node:12-alpine as builder
 
 WORKDIR /usr/src/app
 
@@ -7,9 +7,12 @@ COPY ui/ .
 RUN yarn install --frozen-lockfile
 RUN yarn export
 
-FROM node:12
+FROM node:12-alpine
 LABEL maintainer="OhMyForm <admin@ohmyform.com>"
 
+# Create a group and a user with name "ohmyform".
+RUN addgroup --gid 9999 ohmyform && adduser -D --uid 9999 -G ohmyform ohmyform
+
 WORKDIR /usr/src/app
 
 COPY api/ .
@@ -27,4 +30,7 @@ ENV PORT=3000 \
 
 EXPOSE 3000
 
+# Change to non-root privilege
+USER ohmyform
+
 CMD [ "yarn", "start:prod" ]