All data is encrypted in-flight using industry standard encryption with AES-256. DigiCRM enforces HTTP Strict Transport Security. We automatically redirect all insecure requests before they reach our application servers.
Whenever possible, communications are further protected with Perfect Forward Security. These stronger cipher suites use ephemeral session keys to prevent data from being decoded — even in the event of a secret key breach.
To further protect users, the DigiCRM root domain has been added to the source of Chrome and Firefox to ensure that these browsers never open connections over non-SSL HTTP.
Public resources are edge-cached, leveraging best-of-breed Content Delivery Networks (CDNs) to mitigate Distributed Denial of Service (DDoS) attacks.