Data At Rest
Data at rest is data stored, either temporarily or permanently. Data at rest has certain encryption types, or no encryption, depending on where it is being stored.
- Data in memory on the Spotfire Server, Spotfire Web Player or in the Spotfire Analyst clients is never encrypted.
- Data stored in the Spotfire database is not encrypted, except for sensitive data like passwords for service accounts, which are encrypted using AES-128 by default. The encryption key length is configurable, see config-encryption. User passwords are always hashed (by default, using PBKDF2) and never encrypted.
- Temporary files stored in
the attachment manager on the
Spotfire Server
file system are encrypted. (One exception: the Information Services component's
temporary pivot cache is not encrypted.) The default encryption algorithm is
AES-128. Other possible options are AES-192 or AES-256. See
config-attachment-manager
(
--encryption-enabled
and--encryption-key
) for more information. - Temporary files stored on the Spotfire Web Player file system are not encrypted.
- Temporary files stored on the Spotfire Analyst file system are not encrypted.
- "Save my login information" stores the user's Spotfire login in an encrypted form using Microsoft's ProtectedData API (DPAPI) protected with the user scope.
Parent topic: Cryptography
Related concepts
Related reference