# Security Features

### Encryption at rest <a href="#encryption-at-rest" id="encryption-at-rest"></a>

All files sended to our applications are automatically encrypted with a 256-bit Advanced Encryption Standard (AES) cipher. SSE automatically encrypts data when writing it to Storage. When you read your files, our storage decrypts the data before returning it. This process incurs no additional charges and doesn't degrade performance. This feature can't be disabled.

### Encryption in transit <a href="#encryption-in-transit" id="encryption-in-transit"></a>

We keep your data secure by enabling *transport-level security* between our applications and the client. We ALWAYS use *HTTPS* to secure communication over the public internet. When you call the REST APIs to access objects in storage accounts or our databases, we enforce the use of HTTPS by requiring secure transfer and connections that use HTTP will be refused and redirected.

### CORS support <a href="#cors-support" id="cors-support"></a>

We store several website asset types in Storage. These types include images and videos. To secure browser apps, we locks GET requests down to specific domains.

Our storage supports cross-domain access through **cross-origin resource sharing (CORS).** CORS uses HTTP headers so that a web application at one domain can access resources from a server at a different domain. By using CORS, our web apps ensure that tenants load only authorized content from our sources.

When you create a business application. you will be able to specify your domains in order for us to verify your domains and set CORS flags.

### Role-based access control <a href="#role-based-access-control" id="role-based-access-control"></a>

To access data in an Alliance ID Tenant account, the client makes a request over HTTP or HTTPS. Every request to a secure resource must be authorized. The service ensures that the client has the permissions required to access the data.

Our applications supports role-based access control (RBAC) for both resource management and data operations.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://fenix-alliance.gitbook.io/en/sales-support/support-model/security-features.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.