Skip to content

Confidentiality

Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.

  • Configuring SSL
    Authentication is a basic security concept that ensures users can prove their identity.
  • Securing LTPA keys on a production environment
    The Lightweight Third Party Authentication (LTPA) key holds cryptographic keys that secure the user authentication session and cookies.
  • Enabling FIPS and (NIST) SP800-131a
    HCL Digital Experience tolerates IBM WebSphere Application Server support of Federal Information Processing Standards (FIPS) and National Institute of Standards and Technology (NIST) SP800-131a.
  • Deleting passwords from properties files
    The configuration tasks might require you to write security-sensitive information, such as passwords, into multiple properties files. When you no longer need this security-sensitive information for your configuration, you should remove them and move the files to a safe place or set the file permissions so that only authorized users can read them.
  • HCL Digital Experience (DX) Portal Server and HCL Web Content Manager - Information related to GDPR): HCL Digital Experience (DX) Portal Server and HCL Web Content Manager are on-premise products installed and operated by the customer. In this scenario, HCL is neither a controller nor a processor as defined by the GDPR. Refer to this topic for guidance on ensuring compliance with various laws and regulations, including the European Union General Data Protection Regulation (GDPR).