Yes. Our data is stored as a hierarchical object graph within a SQL server relational database. This means that each data entity is represented as an object that is related upwards to its parent and downwards to all its children via relational foreign keys according to standard relational db design.
All sensitive data values are encrypted in memory using the Triple DES algorithm. These values are only decrypted for use as required; therefore, when an object is stored in the database, the encrypted values are stored in their encrypted state by default. Since individual values are stored as fields, and multiple object fields form a column within a database table, it can be said that we support 'Column Level' encryption, even though this sophisticated security feature was not available with the version of SQL server when the code was originally written. This encryption layer is in addition to the encryption supplied by our requirement that all network data transfers, including all internal transfers, are encrypted via TLS (https).
We transmit data via https and use RSA 2048 bits/SHA256 with RSA TLS 1.2 for message encryption.
If you would like any further information, please get in touch using the "new support ticket" option above this article.