For account passwords, we rely on industry-standard, high-iteration, adaptive hashing functions to prevent passwords from being readable or reversed.
Billing information such as credit card numbers never touches our servers. Instead, we rely on Stripe to handle our billing, which captures and encrypts billing information using industry-standard best practices.
When you configure a Source that has sensitive credentials, such as Amazon S3 keys, we immediately encrypt all private information using hardened, industry-standard encryption algorithms. The few internal services that require access to this information have the necessary access to decrypt the information when required. These services exist within our internal network and are not publicly addressable. As an added layer of security, we recommend to all of our users that they provide us with read-only credentials when working with an image store like Amazon S3.