Issue:
A customer would like to know if PME data is encrypted when stored within the SQL databases (at rest) or while being passed through web applications (in transit).

Product Line:
ION-E 6.0
SPM 7.0.1
Power Monitoring Expert 7.2.x
Power Monitoring Expert 8.x
Power Monitoring Expert 9.0
Power Monitoring Expert 2020
Power Monitoring Expert 2021
Power Monitoring Expert 2022
Power Monitoring Expert 2023

Environment:
PME databases and web applications

Cause:
A customer wants to know if PME data is encrypted when stored in the SQL databases or while being passed through web applications.

Resolution:
Data is not encrypted when passed through the Web Applications or within the database tables.  It is recommended to install TLS / SSL within Internet Information Services to encrypt Web Applications data while in transit, and to restrict SQL network access and credentials to prevent unauthorized requests. We recommend that the connections between PME and the SQL database server, in Distributed Database architecture installations are encrypted using at least Transport Layer Security (TLS)1.2. This requires a certificate from a public certification authority for the SQL Server computer and the configuration of both servers to use encrypted connections.

NOTE: Only the communication between the PME application server and the database server will be encrypted, not the data in the database.

Опубліковано для: Schneider Electric Україна