Encryption in Site24x7

Encryption safeguards the contents of a message so that only the intended recipient can read it. Encryption is done by replacing the contents with unrecognizable data, which can be decrypted only by the intended recipient. Thus, data is protected from those who might try to steal it.

 

Two situations where encryption can be used are:

• Encryption in Transit

• Encryption at Rest (EAR)

 

Encryption in Transit

This refers to data that is encrypted when it is in transit—including from your browser to the web server and other third parties via integrations. Encrypting data in transit protects your data from man-in-the-middle attacks.

Learn more about Encryption in Transit.

 

Encryption at Rest

This refers to encrypted data that is stored (not moving)—either on a disc, in a database, or as some other form of media. Encrypting data by storing it in the servers provides a higher level of security than encrypting data during transit. EAR protects against any possible data leak due to server compromise or unauthorized access.

 

Encryption is done at the application layer using the AES-256 algorithm, a symmetric encryption algorithm using 128-bit blocks and 256-bit keys. The key used to convert the data from plain text to cipher text is called a Data Encryption Key (DEK). The DEK is further encrypted using the Key Encryption Key (KEK), providing yet another layer of security. Our in-house Key Management Service (KMS) generates and maintains the keys.

Learn more about our KMS.

 

What Data do we encrypt in Site24x7? 

Site24x7 encrypts the following sensitive data at the application level.

• Mobile number

• Email address

• Hostname

• IP address

• URL

• Access token

• Domain name

• Credential

• Service account
  

• NCM configuration backups

 

Full-disk encryption

Besides application-layer encryption, full-disk encryption is available in India (IN), Australia (AU), Saudi Arabia (SA), Canada (CN), and Japan (JP) data centres. Learn more about full-disk encryption.

Learn more about encryption and our KMS.

• Related Articles

• What should I do if Service Health data collection in Microsoft 365 monitor is not happening?

  Your Microsoft 365 monitor's Service Health data collection may have stopped because of the recently updated Microsoft 365 Service Communications API policy. Follow the steps below if Service Health data collection in your Microsoft 365 monitor is ...

• Troubleshooting VMware ESX hardware monitor sensor data

  If your VMware ESX hardware monitor displays inaccurate or outdated sensor data that does not reflect the actual state of the ESX server, follow these steps to refresh the hardware health data: Steps to fix outdated sensor data: Log in to the VMware ...

• Troubleshooting steps if the data collection stops for a network device

  Case 1: The On-Premise Poller is Down and/or the Network Module is Disabled. Go to Admin > On-Premise Poller. Check if the state of the On-Premise Poller is active. If not, activate it. Check if the status of the On-Premise Poller is up. If it's ...

• Data retention in Real User Monitoring (RUM).

  The following table explains the data retention period of real user monitoring data that are being stored by Site24x7.  S.No Data type Retention period 1 JS errors One week 2 Filterable performance and user sessions One month 3 Performance metrics ...

• Where are Site24x7's physical data storage regions located?

  Site24x7's integrated data centers are located in the US, European Union, India, China, Australia, and Japan. All Site24x7 customer-related data are stored in these physical storage regions. Data Center USA European Union India China Australia Japan ...