Data security
Storage at rest
Sitecore Content Hub provides customers with the ability to store data in an encrypted format. The cloud provider should not have any requirements that would prevent the use of a gateway encryption service or an application to encrypt data before reaching the service.
Interoperability and portability
Unstructured data can be exported in bulk with metadata and security Access Control Lists (ACL) attached in a non-proprietary format, either by the user or Sitecore Product Support Services. Automated export processes are not required.
Databases can be exported into a non-proprietary format, either by the user or the service provider. Automated export processes are not required. Service level agreements exist so that data is available when the customer needs it, preventing a “run-on-the-bank” scenario.
Vulnerabilities might be found by the customer, the application vendor, or a third-party. Once the vulnerability has been disclosed to the vendor, standard Sitecore service levels are delivered.