www.gsx.com | log in | register

Last update: . Author: Olivier RAYNAUT .

Is my customer data encrypted within GSX 365 Usage?

Yes. Customer data privacy and security are our biggest priorities,

Here’s a run down of the various parts of our infrastructure and how the data is encrypted at each point.

Front-end web servers

The GSX 365 Usage front-end web servers redirect all visitors to a forced SSL (HTTPS) connection to prevent the transmission of customer data in plain text.  All traffic between the user’s web browser and our web server is encrypted with a 2048 bit Thawte SSL certificate.

The front-end web servers communicate to our databases over an AES-265 encrypted connection using a 1024 bit public key.  This certificate is provided by Amazon Web Services (AWS).

Databases

All communication to our databases is done over an AES-265 encrypted connection using a 1024 bit public key.  This certificate is provided by Amazon Web Services (AWS).  More information about RDS database encryption can be found here:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Concepts.html#MySQL.Concep ts.SSLSupport

All GSX 365 Usage databases that store user information are also encrypted at rest using AES-256 encryption.  The keys for this are stored within Amazon’s Key Management System.  More information about this type of encryption can be found here:
http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html

This includes all database backups.

User account passwords are one-way hashed using the Blowfish encryption algorithm and are uniquely salted.  This hash is then stored in our database and compared to the hash of an entered password during the authentication phase.  Service Account Passwords are encrypted with a 256 bit key.

Microsoft Data Collection

All data is collected from Microsoft’s servers over HTTPS.


Was this article helpful?

0 out of 0 found this helpful




Not finding what you are looking for?

Have more questions? Submit a request