From 364079098f7c6dce2e4545cf0b3f3e4ee9bec30a Mon Sep 17 00:00:00 2001 From: Erin Cochran Date: Fri, 1 May 2020 15:34:18 -0400 Subject: [PATCH] Clean up Data Encryption guide a bit --- .../security/encryption/encryption-general.md | 110 ++++++++++-------- 1 file changed, 63 insertions(+), 47 deletions(-) diff --git a/_account-security/security/encryption/encryption-general.md b/_account-security/security/encryption/encryption-general.md index b792953a5..a91762911 100644 --- a/_account-security/security/encryption/encryption-general.md +++ b/_account-security/security/encryption/encryption-general.md @@ -63,65 +63,81 @@ ssh-tunnels: description: "Stitch currently supports connecting Microsoft Azure SQL Server and MySQL databases (as integrations) and Azure SQL Data Warehouse (as a destination). Other Microsoft Azure offerings aren't currently supported." sections: - - title: "SSL connections" - anchor: "ssl-connections" + - title: "Encryption in transit" + anchor: "in-transit-encryption" content: | - [SSL/TLS](https://www.verisign.com/en_US/website-presence/online/ssl-certificates/index.xhtml){:target="new"} is a standard security technology used to establish encrypted communication between a web server and a browser. SSL/TLS ensures that communication to and from Stitch remains private and secure. - + {% for subsection in section.subsections %} + - [{{ subsection.title }}](#{{ subsection.anchor }}) + {% endfor %} subsections: - - title: "Stitch application access" - anchor: "stitch-application" + - title: "SSL connections" + anchor: "ssl-connections" content: | - The Stitch application enforces SSL to ensure all communication with Stitch remains secure. + [SSL/TLS](https://www.verisign.com/en_US/website-presence/online/ssl-certificates/index.xhtml){:target="new"} is a standard security technology used to establish encrypted communication between a web server and a browser. SSL/TLS ensures that communication to and from Stitch remains private and secure. - - title: "Connections that use verified SSL by default" - anchor: "connections-ssl-default" - content: | - For any connection using an HTTP API - for example, integrations like [Salesforce]({{ site.baseurl }}/integrations/saas/salesforce) or [Facebook Ads]({{ site.baseurl }}/integrations/saas/facebook-ads) - or Stitch's [Import API]({{ link.integrations.import-api | prepend: site.baseurl }}), Stitch will use [SSL/TLS-based encryption](https://www.verisign.com/en_US/website-presence/online/ssl-certificates/index.xhtml){:target="new"} by default. + {% for sub-subsection in subsection.sub-subsections %} + - [{{ sub-subsection.title }}](#{{ sub-subsection.anchor }}) + {% endfor %} + + sub-subsections: + - title: "Stitch application access" + anchor: "stitch-application" + content: | + The Stitch application enforces SSL to ensure all communication with Stitch remains secure. + + - title: "Connections that use verified SSL by default" + anchor: "connections-ssl-default" + content: | + For any connection using an HTTP API - for example, integrations like [Salesforce]({{ site.baseurl }}/integrations/saas/salesforce) or [Facebook Ads]({{ site.baseurl }}/integrations/saas/facebook-ads) - or Stitch's [Import API]({{ link.integrations.import-api | prepend: site.baseurl }}), Stitch will use [SSL/TLS-based encryption](https://www.verisign.com/en_US/website-presence/online/ssl-certificates/index.xhtml){:target="new"} by default. + + This is also applicable to Stitch's [Amazon Redshift]({{ link.destinations.overviews.redshift | prepend: site.baseurl }}), [Google BigQuery]({{ link.destinations.overviews.bigquery | prepend: site.baseurl }}), [Microsoft Azure SQL Data Warehouse]({{ link.destinations.overviews.azure | prepend: site.baseurl }}), and [Snowflake]({{ link.destinations.overviews.snowflake | prepend: site.baseurl }}) destination offerings. + + Connections to these integrations and destinations will attempt to use verified SSL with no action required on your part. - This is also applicable to Stitch's [Amazon Redshift]({{ link.destinations.overviews.redshift | prepend: site.baseurl }}), [Google BigQuery]({{ link.destinations.overviews.bigquery | prepend: site.baseurl }}), [Microsoft Azure SQL Data Warehouse]({{ link.destinations.overviews.azure | prepend: site.baseurl }}), and [Snowflake]({{ link.destinations.overviews.snowflake | prepend: site.baseurl }}) destination offerings. + - title: "Connections with configurable SSL options" + anchor: "connections-configurable-ssl" + content: | + For some integrations - for example, a database hosted on your server - Stitch may support configurable SSL. To use SSL with a database Stitch supports, the database must be configured to support and allow SSL connections. - Connections to these integrations and destinations will attempt to use verified SSL with no action required on your part. + **Note**: SSL connections are not supported for all databases. Refer to the [documentation for the database]({{ site.baseurl }}/integrations/databases) for SSL support details. - - title: "Connections with configurable SSL options" - anchor: "connections-configurable-ssl" + - title: "SSH tunnels" + anchor: "ssh-tunnel-connections" content: | - For some integrations - for example, a database hosted on your server - Stitch may support configurable SSL. To use SSL with a database Stitch supports, the database must be configured to support and allow SSL connections. + If a database you want to connect to Stitch doesn't support [SSL connections](#ssl-connections) or isn't publicly accessible, you can use an SSH tunnel. - **Note**: SSL connections are not supported for all databases. Refer to the [documentation for the database]({{ site.baseurl }}/integrations/databases) for SSL support details. + The steps for setting up an SSH connection vary depending on where your database is hosted. - - title: "SSH tunnels" - anchor: "ssh-tunnel-connections" - content: | - If a database you want to connect to Stitch doesn't support [SSL connections](#ssl-connections) or isn't publicly accessible, you can use an SSH tunnel. - - The steps for setting up an SSH connection vary depending on where your database is hosted. - - - {% for item in page.ssh-tunnels %} - - - - - {% endfor %} -
- {{ item.name | append: " databases" }} - - {{ item.description | markdownify }} - -

Refer to the SSH tunnels for {{ item.name | append: " databases"}} guide.

-
+ + {% for item in page.ssh-tunnels %} + + + + + {% endfor %} +
+ {{ item.name | append: " databases" }} + + {{ item.description | markdownify }} - **Note**: [Reverse SSH tunnels]({{ link.security.reverse-ssh | prepend: site.baseurl }}) are also available for Stitch Enterprise customers. +

Refer to the SSH tunnels for {{ item.name | append: " databases"}} guide.

+
- - title: "Advanced connectivity" - anchor: "advanced-connectivity" - content: | - Additional connection options are available as part of a Stitch Enterprise plan. This includes: + **Note**: [Reverse SSH tunnels]({{ link.security.reverse-ssh | prepend: site.baseurl }}) are also available for Stitch Enterprise customers. - - Virtual Private Network (VPN) - - [Reverse SSH tunneling]({{ link.security.reverse-ssh | prepend: site.baseurl }}) - - [Amazon Web Services (AWS) Private Link](https://aws.amazon.com/privatelink/){:target="new"} + - title: "Advanced connectivity" + anchor: "advanced-connectivity" + content: | + Additional connection options are available as part of a Stitch Enterprise plan. This includes: - Reach out to [Stitch Sales]({{ site.sales }}){:target="new"} for more info. + - Virtual Private Network (VPN) + - [Reverse SSH tunneling]({{ link.security.reverse-ssh | prepend: site.baseurl }}) + - [Amazon Web Services (AWS) Private Link](https://aws.amazon.com/privatelink/){:target="new"} + + Reach out to [Stitch Sales]({{ site.sales }}){:target="new"} for more info. + + - title: "Encryption at rest" + anchor: "data-at-rest" + content: | + For data at rest, Stitch uses [AES-256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard){:target="new"} to encrypt data. --- \ No newline at end of file