EnvKey takes a layered approach to security. In addition to client-side encryption, all database and application servers associated with our Cloud and Business Self-Hosted products run in a VPC on a private subnet with no access to the public internet.
- All requests use TLS.
- All databases and backups are encrypted at rest with AES-256.
- Our Business Self-Hosted product offers Behind-Your-Firewall mode, which allows you connect to EnvKey from a VPC in another AWS account using AWS PrivateLink and avoid exposing EnvKey to the public internet entirely.
Updated about 1 month ago