- Platform overview
- Platform overview (Video)
- Platform tutorials
- A customer experience powered by Platform (Video)
- Behind the scenes of a customer experience powered by Platform (Video)
- Getting started
- Experience Platform UI
- Experience Platform APIs
- Platform documentation
- Application services built on Platform
- Governance, privacy, and security
- License usage and guardrails
- Troubleshooting guide
- Gen2 data lake migration
- Glossary
- Release notes
Data encryption in Adobe Experience Platform
Adobe Experience Platform is a powerful and extensible system that centralizes and standardizes customer experience data across enterprise solutions. All data utilized by Platform is encrypted in transit and at rest to keep your data secure. This document describes Platform’s encryption processes at a high level.
The following process flow diagram illustrates how data is ingested, encrypted, and persisted by Experience Platform:
Data in transit
All data in transit between Platform and any external component is conducted over secure, encrypted connections using HTTPS TLS v1.2.
In general, data is brought into Platform in three ways:
- Data collection capabilities allow websites and mobile applications to send data to the Platform Edge Network for staging and preparation for ingestion.
- Source connectors stream data directly to Platform from Adobe Experience Cloud applications and other enterprise data sources.
- Non-Adobe ETL (extract, transform, load) tools send data to the batch ingestion API for consumption.
After data has been brought into the system and encrypted at rest, it can then be enriched by Platform services and brought out of the system in the following ways:
- Destinations allow you to activate data to Adobe applications and partner applications.
- Native Platform applications such as Customer Journey Analytics and Adobe Journey Optimizer can also make use of the data.
Data at rest
Data that is ingested and used by Platform is stored in the data lake, a highly granular data store containing all data managed by the system, regardless of origin or file format. All data persisted in the data lake is encrypted, stored, and managed in an isolated Microsoft Azure Data Lake Storage instance that is unique to your organization.
For details on how data at rest is encrypted in Azure Data Lake Storage, see the official Azure documentation.
Next steps
This document provided a high-level overview of how data is encrypted in Platform. For more information on security procedures in Platform, see the overview on governance, privacy, and security on Experience League, or take a look at the Platform security whitepaper.
Business.Adobe.com resources
Resources
Adobe Account
