Encryption
  • 1 Minute to read
  • Dark
    Light
  • PDF

Encryption

  • Dark
    Light
  • PDF

Internal communication to Rivery employs SSL to ensure that communication is secure.
Any credentials used to access other systems (such as your database or an integration) are encrypted at run time before they are stored by Rivery.
Within the platform, data is always encrypted in transit and at rest. Rivery encrypts data at rest with AES-256.
Rivery provides a number of safe ways to connect to integrations and destinations:

For integrations and destinations that enable these capabilities, all plans include SSL/TLS, SSH tunnels, and IP whitelisting.

Data at Rest Encryption

Rivery deploys industry-leading encryption algorithms to secure customer data and files, that reside in Rivery storage systems, based on AWS configuration. Customers’ data at rest is encrypted and hosted in separate storage services provided by AWS, which are secured via durable encryption, using advanced encryption standards (AES256) - the same level of data security required by the Sarbanes-Oxley Act, the Gramm-Leach- Bliley Act, and the Health Insurance Portability and Accountability Act (HIPAA).

Data in Transit Encryption

All traffic between the Rivery’s customers and the application is secured through a TLS connection, which encrypts all communication between the web server and client browser. Our application security protocols are periodically updated to accept only recent versions (currently ver. 1.2 and above) discontinuing support for older TLS 1.0 and 1.1 versions which were formally deprecated by the IETF (Internet Engineering Task Force) in June, 2020 (RFC 8996).

Database Encryption

AWS KMS (Amazon Key Management Service) and its encryption standards protect all passwords and credentials on our internal databases. Learn more about Amazon's encryption standards.

Backups

All Network backups are encrypted with Advanced Encryption Standard AES256.

Endpoints Encryption

Full disk encryption (FDE) is deployed on all Rivery’s endpoints and applied to all OS used as a mandatory requirement under the company’s infosec policy.


Was this article helpful?