Hybrid Data Pipeline can be configured to accept only authorized (cryptographic) communications from known administrative endpoints. All customer-sensitive data elements (including remote credential/database pairings stored) are protected by encryption, both at rest (AES-256) and in transit. Hybrid Data Pipeline runs on an Apache Tomcat web server. TLS 1.2 is the minimum supported version of TLS. Client components such as the ODBC and JDBC driver default to TLS 1.2. All user passwords are encrypted using SHA-256-bit one-way hash with per-user salt. The following table summarizes supported encryption protocols for Hybrid Data Pipeline components.

Component Protocols Accepted
Hybrid Data Pipeline Server TLS 1.2 and 1.3
ODBC and JDBC drivers TLS 1.2 and 1.3
On-Premises Connector (OPC) TLS 1.2 and 1.3