Versions Compared

Old Version 19

changes.mady.by.user Alan Cohen

Saved on

compared with

New Version 20

changes.mady.by.user Tristan Mohn

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This is a customer-focused details page describing the security in place for ZenGRC storage. As always, if you have additional questions feel free to reach out to support@zengrcsupport@reciprocitylabs.com.


Questions

Where does my data go?

...

Data is encrypted with Amazon managed keys:

Each object is encrypted with a unique key employing strong multi-factor encryption. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates. Amazon S3 server-side encryption uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt your data

https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html

Encryption in Transit

Data is encrypted using TLS 1.2 when in transit between the ZenGRC application and ZenGRC Storage (AWS S3). Data is encrypted between the ZenGRC application and user based on the highest version of TLS supported by the user's browser. The minimum version of TLS supported by ZenGRC is v1.1.

...