Our policies require unique keys be used for each use case, and that keys not be reused for unrelated purposes. Keys for encryption of customer data at rest are managed by our cloud platform's providers. We use public/private keys to secure access to code repositories. Keys used by staff are generated by Elium employees on an individual basis and stored on local machines (full-disk encryption is enforced).