Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Best Practices

Secure Operation

search

Please Note:

Secure Operation

Following table describes the best security practices for secure operation when using CDP for Teradata VCL:

Security PracticeDescription
Do not use AES/ECB algorithm in the protection policyAES/ECB algorithm is available on the CipherTrust Manager GUI for backward compatibility.
Avoid using this algorithm while creating the protection policy for its cryptographic weakness.
Use the default reveal formatWhile defining the access policy, use the default reveal format. For example, use the Ciphertext or Masked value instead of Plaintext format.
Use the masking format for protectionThe masking format allows masking/revealing the first/last specified digits of the revealed data. Use this feature for the role-based access control.
Control access to the audit logsAudit logs provide evidence of cryptographic operations performed on CDP for Teradata VCL.
To ensure that only authorized users have access to the audit logs, it is recommended to restrict unauthorized access.
Also, the audit log files must have read-only access for protection against tampering.

On this page