Confidentiality
Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.
- Configuring SSL
Authentication is a basic security concept that ensures users can prove their identity. - Securing LTPA keys on a production environment
The Lightweight Third Party Authentication (LTPA) key holds cryptographic keys that secure the user authentication session and cookies. - Enabling FIPS and (NIST) SP800-131a
HCL Digital Experience tolerates IBM WebSphere Application Server support of Federal Information Processing Standards (FIPS) and National Institute of Standards and Technology (NIST) SP800-131a. - Deleting passwords from properties files
The configuration tasks might require you to write security-sensitive information, such as passwords, into multiple properties files. When you no longer need this security-sensitive information for your configuration, you should remove them and move the files to a safe place or set the file permissions so that only authorized users can read them. - HCL Digital Experience (DX) Portal Server and HCL Web Content Manager - Information related to GDPR): HCL Digital Experience (DX) Portal Server and HCL Web Content Manager are on-premise products installed and operated by the customer. In this scenario, HCL is neither a controller nor a processor as defined by the GDPR. Refer to this topic for guidance on ensuring compliance with various laws and regulations, including the European Union General Data Protection Regulation (GDPR).