OnDemand User Group
Support Forums => Other => Topic started by: cleach on July 25, 2011, 03:03:38 PM
-
Does OD support the automatic entrytpion of documents as they are loaded and later their decryption for viewing them?
And if supported, would the cache also be encrypted?
Due to all the sensitive information being stored in OD, there is concern about having everything stored in clear text if we get a security breach.
-
Hi Curtis.
Just as a follow up, data in the cache and TSM is stored with a proprietary compression method. Even an advanced user with non-CMOD-specific knowledge would have difficulty in successfully decompressing an entire stream of data. (Heck, even I have trouble with it some days.)
Now, this is not truly secure, as there is no authentication or encryption, but you don't have to worry so much about the data being stored 'in the clear'.
The database information, however, IS stored in a format that could be parsed by an advanced-level adversary. There is a database encryption product (formerly known as "Vormetric") that encrypts data at the filesystem level.
While application security is important, more straightforward methods at other levels (strict firewalls, restricting available network services, hardening the operating system) will work as far more effectiveness against hackers.