- 21 May 2021
- DarkLight
Cloud Object Storage Encryption and Regulatory Compliance
- Updated on 21 May 2021
- DarkLight
Encryption
Expedient's Cloud Object Storage platform leverages AES256 encryption methods to encrypt all data at rest. This configuration is enabled by default, requiring no action on your part. A shared encryption key is utilized across all data stored within the system. If desired, you may manually override the default encryption levels, providing a key of your own via the S3 protocol.
Data is also encrypted in flight as all S3 API commands leverage HTTPS (TLS 1.2). This ensures that data remains secure while it is being transferred between a client system and the Cloud Object Storage platform.
Regulatory Compliance
The technology powering Expedient's Cloud Object Storage has achieved multiple regulatory certifications and compliance ratings. The platform is Common Criteria EAL2 certified as well as FIPS140-2 Level 1 validated. These attestitions involve a review and certifcation of the crypographic methodoligies utilized and are a 'gold standard' for data security.