When an end-user visits Elium, the details of their interactions are transferred to Elium through connections over HTTPS exclusively. All data transferred over HTTPS is encrypted. Cloud Platforms encrypt customer data stored at rest by default. Data is broken into subfile chunks for storage, and each chunk is encrypted at the storage level with an individual encryption key. The key used to encrypt the data in a chunk is called a data encryption key (DEK). Because of the high volume of keys at Cloud Platforms, and the need for low latency and high availability, these keys are stored near the data that they encrypt. The DEKs are encrypted with (or “wrapped” by) a key encryption key (KEK).
Updated over a week ago