Yes. We use SSL encryption to secure the data in transit and we offer optional MD5 encryption for data at rest.
Here’s how the data encryption works:
To encrypt the data (username, machine name, domain name) we:
1) capitalize the data (so User and UsEr == USER)
2) MD5 the capitalized string and send that data to the system from the agent. The result is that instead of username / machine name / domain name we will have some encrypted string and the web UI will show that string as the username / machine name / domain. No one will be able to make sense of it.
Now all the data is encrypted even before it leaves the agent.
In order to make sense of the data the customer can create a spreadsheet with a list of usernames in column A and then another column with an MD5 on the capitalized data from column A. The customer can download the data from our web UI to a spreadsheet and run a vlookup to cross-match based on the MD5 strings that should be identical in both Spreadsheets.