We recommend switching to the latest versions of Edge, Firefox, Chrome or Safari. Using Internet Explorer will result in a loss of website functionality.

Data Encryption - How to verify

Comments

1 comment

  • Avatar
    Adrian Williams

    Hi,

    I'm not sure what you mean by "data sessions". If you are referring to the connections between the user's machine and the Data360 Analyze server, the system supports encryption using HTTPS.

    Data360 Analyze does not encrypt intermediate data (temporary data) that is generated by a data flow. However, if certain specific fields within a data flow contain sensitive information they can be encrypted/ decrypted using the Encrypt Fields and Decrypt Fields nodes. The data can be encrypted using triple DES or AES 256 algorithm and SHA-1 password hashing technique.

    Password values in Password properties are encrypted via AES-128, using a key generated by the PBKDF2 (PKCS #5 2.0) key derivation function from a passphrase which is stored in a local Java Key Store (JKS). The JKS itself is protected by a system-wide password which is either encrypted into a property file entry, or required to be entered on application startup.

     

    If you want to encrypt all data at rest then you would need configure the machine running the Analyze Server instance to have an encrypted disk/mount point for the location where the intermediate data is being stored, e.g. using Linux disc encryption.

     

     

    0
    Comment actions Permalink

Please sign in to leave a comment.