Alation Cloud Service Security

Alation Cloud Service Applies to Alation Cloud Service instances of Alation

Alation Cloud Service takes a robust approach to provide security for all our customers.

Alation encrypts all data and metadata stored at the disk level in Alation. Alation encrypts sensitive information at the application level, including:

• All fields that contain passwords, secrets, or certificates, including credentials for data source service accounts

• Data samples

• Query results from Compose and scheduled query runs

For Alation Cloud Service deployments, Alation uses an AWS Key Management Service (KMS) key to encrypt data at the application level. Encryption keys are by default generated and rotated automatically. However, customers on the Enterprise and Enterprise+ plans can use the Bring Your Own Key feature, which allows you to provide your own encryption keys and define your own rotation policy.

To learn more, including information about specific security certifications, please reach out to your account manager.