PII Data (for all Customers)
PII Data is encrypted following FIPS 140-2 encryption standards by employing AES-256 Symmetric Keys.
OEM Customers (Customers who self-host our Products/Solutions)
Data at Rest
We recommend customers to employ and use Transparent Date Encryption (TDE) to encrypt the database and log files as rest.
Your Database Administrator or IT Administrator will have to setup and configure TDE. MathCraft can support this effort with additional Time and Material cost.Data in Transit
We employ HTTPS and TLS which encrypts information and data in transit.Connection Passwords
Database Connection password and SMTP password can be encrypted and saved in the properties file instead of exposing these passwords in plain-text.
We employ Jasypt encryption and use PBEWithMD5AndDES algorithm.
SaaS Customers (Customers who host our Products/Solutions directly with us)
Data at Rest
The database files, logs and backups are encrypted at rest by employing Transparent Data Encryption. Backups are stored in Azure Storage Containers.Data in Transit
We employ HTTPS and TLS which encrypts information and data in transit.Connection Passwords
Database Connection password and SMTP password are stored in Azure Key Vaults.