Data Encryption | Stitch Documentation

Advanced connectivity for Premium plans

Additional connection options are available as part of an Advanced or Premium plan.

For more info about Stitch Advanced, contact the Stitch Sales team.

Looking for general security info? Check out the Security overview.

Our most important job here at Stitch is to keep your data safe. To do that, Stitch always encrypts data in transit and at rest within the Stitch environment.

Stitch offers secure options for making connections to all data sources and destinations, giving you the power to secure your data as you see fit.

In this guide, we’ll cover Stitch’s supported connection options and provide links to additional resources:

Encryption in transit
Encryption at rest

SSL connections

SSL/TLS is a standard security technology used to establish encrypted communication between a web server and a browser. SSL/TLS ensures that communication to and from Stitch remains private and secure.

Stitch application access
Connections that use verified SSL by default
Connections with configurable SSL options

Stitch application access

The Stitch application enforces SSL to ensure all communication with Stitch remains secure.

Connections that use verified SSL by default

For any connection using an HTTP API - for example, integrations like Salesforce or Facebook Ads - or Stitch’s Import API, Stitch will use SSL/TLS-based encryption by default.

This is also applicable to Stitch’s Amazon Redshift, Google BigQuery, Microsoft Azure Synapse Analytics, and Snowflake destination offerings.

Connections to these integrations and destinations will attempt to use verified SSL with no action required on your part.

Connections with configurable SSL options

For some integrations - for example, a database hosted on your server - Stitch may support configurable SSL. To use SSL with a database Stitch supports, the database must be configured to support and allow SSL connections.

Note: SSL connections are not supported for all databases. Refer to the documentation for the database for SSL support details.

SSH tunnels

If a database you want to connect to Stitch doesn’t support SSL connections or isn’t publicly accessible, you can use an SSH tunnel.

The steps for setting up an SSH connection vary depending on where your database is hosted.

Self-hosted databases

If your database is hosted on your server and not in the cloud, it’s considered a ‘self-hosted’ database. This is applicable to both integrations and destinations.

Refer to the SSH tunnels for Self-hosted databases guide.

Amazon databases

Stitch currently supports connecting Amazon RDS (including Aurora) and Amazon Redshift (destination only) databases.

Refer to the SSH tunnels for Amazon databases guide.

Microsoft Azure databases

Stitch currently supports connecting Microsoft Azure SQL Server and MySQL databases (as integrations) and Azure Synapse Analytics (as a destination). Other Microsoft Azure offerings aren’t currently supported.

Refer to the SSH tunnels for Microsoft Azure databases guide.

Note: Reverse SSH tunnels are also available for Premium customers.

Advanced connectivity

Additional connection options are available as part of an Premium plan. This includes:

Reach out to Stitch Sales for more info.

Encryption at rest

For data at rest, Stitch uses AES-256 to encrypt data.