Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------

Hi,

License Metric Tool stores the encrypted passwords in its database in a password-protected keystore on the local storage (unless Windows Authentication is used for database access). It is recommended to change the default keystore password, and configure encryption mechanism for the keystore, and the License Metric Tool database to ensure additional protection.

Please check our documentation for more information on this topic:

https://www.ibm.com/docs/en/license-metric-tool?topic=security-configuring-passwords-encryption-mechanisms

Hope the above information helps.
Thank you.

------------------------------
Andrei Ionescu
IBM
Bucharest
------------------------------

Original Message:
Sent: Tue January 31, 2023 03:30 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------

Andrei - 

Thank you for the quick response.

However, that does not fully answer the question.
Yes, passwords are encrypted but that is only part of ILMT.
The question is pertaining to all the information ILMT utilizes (configurations, logs, customer data, cache, etc) on the local storage... if that information is encrypted "at rest"?

If not, is this something on your future roadmap that you'll support?
Asking as we have a future requirement that all information must be encrypted "at rest".




------------------------------
Corbett Powers
------------------------------

Original Message:
Sent: Wed February 01, 2023 01:25 AM
From: Andrei Ionescu
Subject: ILMT data encryption "at rest"?

Hi,

License Metric Tool stores the encrypted passwords in its database in a password-protected keystore on the local storage (unless Windows Authentication is used for database access). It is recommended to change the default keystore password, and configure encryption mechanism for the keystore, and the License Metric Tool database to ensure additional protection.

Please check our documentation for more information on this topic:

https://www.ibm.com/docs/en/license-metric-tool?topic=security-configuring-passwords-encryption-mechanisms

Hope the above information helps.
Thank you.

------------------------------
Andrei Ionescu
IBM
Bucharest

Original Message:
Sent: Tue January 31, 2023 03:30 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------

Hi Corbett,

I strongly recommend you to request such feature in Aha! and track the changes there.

Thanks.

------------------------------
Andrei Ionescu
IBM
Bucharest
------------------------------

Original Message:
Sent: Wed February 01, 2023 02:00 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Andrei - 

Thank you for the quick response.

However, that does not fully answer the question.
Yes, passwords are encrypted but that is only part of ILMT.
The question is pertaining to all the information ILMT utilizes (configurations, logs, customer data, cache, etc) on the local storage... if that information is encrypted "at rest"?

If not, is this something on your future roadmap that you'll support?
Asking as we have a future requirement that all information must be encrypted "at rest".




------------------------------
Corbett Powers

Original Message:
Sent: Wed February 01, 2023 01:25 AM
From: Andrei Ionescu
Subject: ILMT data encryption "at rest"?

Hi,

License Metric Tool stores the encrypted passwords in its database in a password-protected keystore on the local storage (unless Windows Authentication is used for database access). It is recommended to change the default keystore password, and configure encryption mechanism for the keystore, and the License Metric Tool database to ensure additional protection.

Please check our documentation for more information on this topic:

https://www.ibm.com/docs/en/license-metric-tool?topic=security-configuring-passwords-encryption-mechanisms

Hope the above information helps.
Thank you.

------------------------------
Andrei Ionescu
IBM
Bucharest

Original Message:
Sent: Tue January 31, 2023 03:30 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------

Hello,

Configurations and cache files of ILMT server are not encrypted when "at rest".

As to MSSQL database content encryption, that thing is entirely managed by MSSQL setup (depends on version).
ILMT doesn't influence that behavior in any possible way...

Thank you,


------------------------------
Oktawian Powązka
------------------------------

Original Message:
Sent: Tue January 31, 2023 03:30 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------

Oktawian - 

Thanks for the quick response.

Appreciate the honestly and directness of the response.
We will look into the MSSQL regarding the database encryption management.

I was unable to ascertain your employment (IBM or not) which is why following up with a support person identified as being with IBM.
Management is requiring information from vendor support only.

------------------------------
Corbett Powers
------------------------------

Original Message:
Sent: Wed February 01, 2023 04:13 AM
From: Oktawian Powązka
Subject: ILMT data encryption "at rest"?

Hello,

Configurations and cache files of ILMT server are not encrypted when "at rest".

As to MSSQL database content encryption, that thing is entirely managed by MSSQL setup (depends on version).
ILMT doesn't influence that behavior in any possible way...

Thank you,


------------------------------
Oktawian Powązka

Original Message:
Sent: Tue January 31, 2023 03:30 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------

Hello Corbett,

Understood, good point,
Profile updated...

------------------------------
Thank you,
Oktawian

------------------------------
Oktawian Powązka, L3 Support
IBM License Metric Tool
------------------------------

Original Message:
Sent: Wed February 01, 2023 02:13 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Oktawian - 

Thanks for the quick response.

Appreciate the honestly and directness of the response.
We will look into the MSSQL regarding the database encryption management.

I was unable to ascertain your employment (IBM or not) which is why following up with a support person identified as being with IBM.
Management is requiring information from vendor support only.

------------------------------
Corbett Powers

Original Message:
Sent: Wed February 01, 2023 04:13 AM
From: Oktawian Powązka
Subject: ILMT data encryption "at rest"?

Hello,

Configurations and cache files of ILMT server are not encrypted when "at rest".

As to MSSQL database content encryption, that thing is entirely managed by MSSQL setup (depends on version).
ILMT doesn't influence that behavior in any possible way...

Thank you,


------------------------------
Oktawian Powązka

Original Message:
Sent: Tue January 31, 2023 03:30 PM
From: Corbett Powers
Subject: ILMT data encryption "at rest"?

Is the ILMT 9.2.x information (configurations, customer data, cache, etc.) encrypted "at rest"?
Also, is the ILMT MSSQL database encrypted "at rest"?

We could not find anything that specifically talked about data encryption "at rest" on either of these subjects so wanted to confirm.

If it is not, is this something on your future roadmap that you'll support?

Thank you.

------------------------------
Powers
------------------------------