Data Encryption
Moodi Mahmoudi avatar
Written by Moodi Mahmoudi
Updated over a week ago

NEXT utilizes industry-standard practices concerning the encryption of data when stored and while in transmission. NEXT also have a documented encryption policy that outlines the requirements for encrypting data and transmissions.

Encryption at rest

All data, including backups, is encrypted at-rest using AES-256 encryption.

Encryption in transit

Data is encrypted while moving between us and the browser with Transport Level Security (TLS) 1.2.

Secure Sockets Layer

Secure Sockets Layer (SSL) certificates are issued and managed through Amazon Web Services, and HTTP Strict Transport Security (HSTS) is enabled. We score an A+ rating on Qualys SSL Labs tests.

Key management

Amazon Web Services (AWS) stores and manages data encryption keys in its redundant and globally distributed Key Management Service (KMS). AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys.

Did this answer your question?