Encryption Keys. For all infrastructure that Tanium manages on behalf of customers as part of the TaaS Offering, the security of instances is managed through public key infrastructure (PKI) and data-at-rest encryption with unique keys for each customer environment. AWS Key Management System (KMS) is leveraged to generate, manage and use encryption keys following industry best practices, including NIST-validated FIPS 140-2 based hardware. AWS enables customers to open a secure, encrypted session to AWS servers using HTTPS where TLS may be used for all import and export data functions. Client-to-client and client-to-server communication uses Tanium’s proprietary protocol, which digitally signs messages for authenticity and transmits hashed message responses for integrity. Tanium follows AWS guidance and recommends that customers use secure protocols that offer authentication and confidentiality, such as TLS or IPsec, to reduce the risk of data tampering or loss.
Sources: License Terms for Tanium Cloud/Tanium as a Service, Software License Agreement