Ensuring the security of your data is a core priority for SyncBox. This chapter outlines the measures and policies in place to safeguard communication, storage, and processing of data throughout the system.
Communication Between Systems
All communication between systems in SyncBox is conducted over secure, encrypted connections. By default, HTTPS with a valid certificate is used, ensuring that data is transmitted safely and remains protected during transfer.
SyncBox Configuration
The configuration settings for data connections and intermediate processing steps are encrypted using a tenant-specific AES-256 key. This key is securely tied to each tenant and can only be used within the system, ensuring that sensitive information remains protected at all times.
Temporary Data
Any data processed during intermediate steps is encrypted using a monthly, tenant-specific AES-256 key. A strict retention policy applies: encrypted data older than 12 months is automatically deleted, making it inaccessible after this period. Optionally, this cleanup policy can be set to 2 months. Execution logs for data flows are also covered under this policy for sensitive data.
Data Storage
All critical execution metadata for data flows is stored in the SyncBox database with dual-layer encryption. By default, source system data is stored in SyncBox-managed storage. However, users have the option to configure their own Azure Storage account for storing data, ensuring full control over data management and compliance with organizational policies.
Encryption Policy
SyncBox employs AES-256 encryption as a standard for all data, regardless of storage location. Source system data is managed under a strict key management strategy, with encryption keys periodically rotated to enhance security. Keys are securely stored in a Key Vault, which is accessible only to authorized systems and cannot be accessed manually by administrators.
Logging
SyncBox maintains logs to monitor performance and resource usage. These logs do not contain sensitive data or information specific to source systems. They are solely focused on tracking the internal operations of SyncBox and ensuring its smooth functioning.