Is my data encrypted and secured?
The safety and security of our customers’ data is our highest priority. Our API clients are using HTTPS (TLSv1, TLSv1.1, TLSv1.2) to send your data to our servers, and you can choose to use TLS to query your indices as well.
The backups are encrypted using GnuPG and the transfers between servers are encrypted via AES-256.
We put a lot of effort into having the best security. For instance, it took us only a few hours after the disclosure to fix the HeartBleed vulnerability.
We’re performing regular independent penetration testing and have public bug bounty program on HackerOne that helps us ensure ongoing security.
If you want your data to be encrypted at rest, we provide this using AES-256 encryption with Algolia-managed per-server keys with our Algolia Vault feature.