Experience Platform Security Architecture and Data Flow Adobe Experience Platform ingests and exports data in the following ways: Enterprise Data Source Ingestion • Client-side Data Collection: Customer websites and mobile applications send data to the Adobe Experience Platform Edge Network for staging and preparation for ingestion. • Server-side Data Collection: Adobe Experience Cloud applications and enterprise data sources use built-in connectors to stream data directly to Experience Platform. • Adobe Experience Cloud applications as well as enterprise data sources send batch data (i.e., data collected over time) using built-in connectors. • Credentials are stored in the public cloud provider’s key vault. • If the cloud data store supports HTTPS or TLS, all data transfers between data movement between AEP services and the cloud data store are conducted via secure channel HTTPS or TLS (1.2). • Batch Ingestion via ETL Partners: Data ingestion occurs using a non-Adobe ETL (extract, transform, and load) tool and the Experience Platform API for batch consumption. The ETL tools and the corresponding data flows reside in the customer environment. User Interactions and Admin Source Configurations • A customer’s administrators and users with appropriate access permissions can authenticate to the Experience Platform UI and configure various options for data source collection. These individuals provide credentials to connect to enterprise data sources, which are persisted in the cloud service provider’s key vaults after encrypting sensitive data. The credentials are used on the user’s behalf to create and modify data flows during design time and ingest data at run time. Access Control and Data Governance • All access to the Experience Platform data lake, whether to write new data or read existing data, is strictly controlled using the Experience Platform access control and data governance layer. Data Lake • Data is written to the appropriate location in the Experience Platform data lake for the specific customer, based on the Experience Platform data model and the configuration settings in the admin UI. 5