ElePass has 24/7 threat detection on all of our databases. In the event of an attempted threat to credential data- we’re all over it. With real-time threat detection alerts, we’ll know immediately about any database access from new or unknown networks and attempted SQL injections.
To back up our password encryption, every piece of data in our database is secured with disk encryption at rest to protect against unauthorized access to database storage. This includes all of our database files, logs and backups. Additionally, data is transported using secure TLS protocols.
All credentials stored in ElePass are protected by industry standard AES 256 encryption with secure, randomly generated encryption keys for each client. We don’t keep encryption keys in the same places as your credentials, they are locked away in a secure separate vault.
Our databases are protected with a full audit trail to ensure access to credentials is fully monitored always.
We use rotating encryption to ensure your encryption doesn’t become stale, and old keys can’t be used to retrieve your passwords. We can also rotate encryption keys on demand in the event of a threat.