Security and compliance in SloopEngine

Encryption in SloopEngine infrastructure

Storage encryption

In the context of SloopEngine's infrastructure, encrypted at rest means that all storage components, such as hard drives or solid-state drives, have their data encrypted at the low-level block device. This encryption ensures that the data stored on these devices remains scrambled and unreadable to anyone who doesn't have the encryption keys.

By encrypting data at the rest, SloopEngine enhances the security of its infrastructure. Even if an attacker or hacker gains physical or unauthorized access to the block device, they won't be able to read or understand the data stored on it due to its encrypted state. This helps protect sensitive information and prevents unauthorized access to critical data.

As a result, any services or microservices running within SloopEngine's infrastructure can only access data from the encrypted storage. Whenever these services need to read or write data, they interact with the storage components that automatically handle the encryption and decryption processes. This ensures that data remains secure throughout its lifecycle within the infrastructure, providing an extra layer of protection against potential data breaches or unauthorized data access.

In summary, SloopEngine employs a robust security measure by encrypting data at the rest on its storage components, ensuring that even if an attacker gains access to the underlying block devices, the data remains inaccessible and secure.

Endpoint encryption

In SloopEngine's infrastructure, all internet-facing network endpoints have been secured with SSL/TLS encryption. This means that every service and microservice accessible over the internet has an encrypted network endpoint, ensuring the security of data during transmission.

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that establish a secure and encrypted communication channel between a client (such as a web browser) and a server (where the service or microservice resides). When a user or another service connects to SloopEngine's services via the internet, SSL/TLS ensures that the data exchanged between the client and the server is encrypted.

The encryption of network endpoints ensures that data transmitted between clients and the services remains confidential and cannot be easily intercepted or understood by unauthorized parties. This is particularly important when sensitive information, such as user credentials or personal data, is being transmitted over the internet.

By encrypting each service/microservice network endpoint, SloopEngine protects data in motion or transit, safeguarding it from potential eavesdropping or tampering during communication. This security measure is crucial in maintaining the confidentiality and integrity of data as it travels over potentially untrusted networks, like the internet.

In summary, the SSL/TLS encryption of all internet-facing network endpoints in SloopEngine's infrastructure ensures that data sent and received by its services and microservices remains encrypted and secure, protecting sensitive information during communication between clients and the infrastructure.