Data Security and Durability

The HERE platform protects your data through security and durability practices.

Security

The HERE platform utilizes industry-standard data security best practices to protect your data:

  • Data stored at rest in versioned layers, stream layers and index layers is encrypted using AES-256, a strong, proven block cipher. This protection includes data that has been persisted per the Time to Live (TTL) setting. Data stored in volatile layers is not encrypted.
  • Data in transit between the platform and your applications is encrypted using the TLS 1.2 cryptographic protocol and the strong AES-256-GCM cipher.
  • Within the platform, data in transit is also encrypted using TLS 1.2. Additional or different protection mechanisms are employed as needed.
  • HERE secures the platform website and API endpoints with trusted certificates issued by a well-known Certificate Authority (CA) and signed using a SHA-256 algorithm.

If you intend to cache private or sensitive data on an edge device, be aware that the data may be cached on the device without any protection. The data owner should therefore encrypt any sensitive data before uploading it to the HERE platform. This way, when the encrypted data is downloaded from the platform to an edge device, it is cached in encrypted form. The application on the edge device can then decrypt the data and consume it, while the data stays protected in the cache.
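The encrypt-before-upload pattern described above, as an added example (not HERE platform or SDK code). It assumes AES-256-GCM for the payload and binds a partition identifier as associated data; the `Sealer` type, the identifier string and the all-zero demo key are constructed for illustration, and key delivery to the edge device is out of scope.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Sealer wraps AES-256-GCM; blobs are laid out as nonce || ciphertext || tag.
type Sealer struct{ aead cipher.AEAD }

// NewSealer rejects 16- and 24-byte keys so only AES-256 is ever used.
func NewSealer(key []byte) (*Sealer, error) {
	if len(key) != 32 {
		return nil, errors.New("need a 32-byte key for AES-256")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &Sealer{aead}, err
}

// Seal runs before upload; aad ties the blob to one partition so it cannot be swapped.
func (s *Sealer) Seal(plaintext, aad []byte) ([]byte, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return s.aead.Seal(nonce, nonce, plaintext, aad), nil
}

// Open runs on the edge device; a modified or relocated cached blob fails here.
func (s *Sealer) Open(blob, aad []byte) ([]byte, error) {
	n := s.aead.NonceSize()
	if len(blob) < n+s.aead.Overhead() {
		return nil, errors.New("blob too short")
	}
	return s.aead.Open(nil, blob[:n], blob[n:], aad)
}

func main() {
	s, _ := NewSealer(make([]byte, 32)) // constructed all-zero demo key, not for real use
	aad := []byte("layer-y/partition-1") // constructed partition identifier
	blob, _ := s.Seal([]byte(`{"limit":50}`), aad)
	pt, err := s.Open(blob, aad)
	fmt.Println(string(pt), err)
}
```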

Durability

Your data is protected from loss due to corruption or system failure. The degree of durability depends on the layer type.

Versioned Layers

Versioned layers are designed to provide 99.999999999% (11 nines) durability of data (both data and metadata) over a given year. This durability level corresponds to an average annual expected loss of 0.000000002% of data (blobs) and metadata (partitions). Data is stored in a single region by default, and versioned data is stored redundantly on multiple devices across a minimum of three independent network and power domains within that region.

Index Layers

Index layers are designed to provide 99.999999999% (11 nines) durability of data over a given year. This durability level corresponds to an average annual expected loss of 0.000000002% of data (blobs). Data is stored in a single region by default and redundantly on multiple devices across a minimum of three independent network and power domains within that region. Index metadata is stored in a single region by default and redundantly on multiple devices across a minimum of three independent network and power domains within that region with an aggregate durability of 99.99998% (6 nines).

Volatile Layers

Volatile data is temporal. Existing data is overwritten every time new data is written to a partition. Data redundancy depends on the layer configuration option selected:

  • For multi-instance configured layers, data/metadata is stored redundantly on multiple devices across a minimum of three independent network and power domains within a single region. Failure of one device would be recovered by another.
  • For single-instance configured layers, data/metadata is stored only once on a single device within a single region. Failure of this device may result in irrecoverable loss of data.

For more information on volatile layer data redundancy, see Data Redundancy.

Stream Layers

Stream data is replicated across multiple devices and across three independent network and power domains within a single region. Failure of one device will be recovered by another. Additionally, stream data is always written to an underlying filesystem. You can set how long this data is retained in the filesystem by using the TTL (Time To Live) setting. A best practice is to configure the stream data TTL long enough to ensure that data is not dropped in the event of a consumer group interruption (e.g. a pipeline restart) and while corrective actions are taken.

In addition to these data redundancy measures inside the HERE Workspace, the recommended best practice is to ensure regularly tested backups exist. Secure data backups, in the form of one or more duplicate catalogs, can be assigned a narrower set of permissions to further limit who can delete those backups.
