Tenant SSL takes several steps in ensuring your SSL reverse proxy infrastructure is secured. Let’s take a look how:
Each individual server has firewalls set to only accept connections (including SSH sessions) from specific IP addresses. Even if a user has (however unlikely) the private SSH key, he or she will be unable to connect to the servers.
Connections made to your servers are made by unique SSH keys (for each server). Each SSH key is also encrypted and are unreadable at rest.
SSL certificates that are issued are encrypted and are securely transferred to your servers during syncing. When a synchronization event is triggered, endpoints are transiently created and cannot be reused or replayed.
Each account’s data is separated to ensure that there is no possibility of data intermixing between accounts.