Collibra works closely with various Infrastructure-as-a-Service cloud providers to provide a flexible and secure environment. For Collibra’s cloud offering, these services include:
- Data center
- Server hardware
- Network infrastructure
- Cloud provider specific services
Physical access to the servers is subject to the privacy statements of cloud providers.
Encryption
Edge
All data is encrypted in transit between your Edge site and the Collibra Platform via certificates issued by a Collibra-chosen Certificate Authority (CA) over TLS 1.3 and basic authentication. However, if there is a forward proxy server between the Edge site and Collibra, you have to use the proxy server's CA.
Jobserver (to be deprecated on September 30, 2024)
All data is encrypted in transit between the Jobserver (installed at client) and the Collibra Platform. It uses mutual authentication via certificates over TLS 1.2. When data is stored in Collibra, it is always encrypted at rest using AES 256.
Key management
Keys are managed by Collibra using the key management systems native to the cloud provider. The KMS used is FIPS 140-2 compliant 140-2, uses AES 256-bit encryption and the keys are rotated at standard intervals.