1. Security Guide
  2. Data Encryption

Data Encryption

To make sure that information remains private, Siebel Business Applications support the use of the following encryption technologies for storing data:

  • AES database encryption. Siebel Business Applications allow customers to encrypt sensitive information stored in the Siebel database (for example, credit card numbers, Social Security numbers, birth dates, and so on) so that it cannot be viewed without access to the Siebel application.

    Customers can configure Siebel Business Applications to encrypt a column’s data before it is written to the database and decrypt the same data when it is retrieved. This encryption prevents attempts to view sensitive data directly from the database. Sensitive data can be encrypted by using AES encryption at various key lengths. Encryption can be enabled using Siebel Tools. For more information, see About Data Encryption.

    Siebel Business Applications also use AES encryption to encrypt passwords stored in the Siebel Gateway registry. The Siebel Gateway registry stores information required by the gateway. For more information about encrypted passwords in the Siebel Gateway registry, see About Encryption of Siebel Gateway Password Parameters.

  • RSA SHA-1 password hashing. Siebel administrators can enable password hashing for user passwords or for database credentials. Hashing uses a one-way hashing algorithm. The default password hashing method is RSA SHA-1. (The previous mangle algorithm is still available for existing customers.)

    The Siebel administrator password is stored for Siebel Gateway in the Siebel Gateway registry, and is not hashed; passwords in the Siebel Gateway registry are encrypted using AES encryption.

    Password hashing invalidates the password to unauthorized external applications and prevents direct SQL access to the data by anything other than Siebel Business Applications. For more information, see About Password Hashing.

  • Encryption of the Siebel File System and server disks containing Siebel Business Applications data. It is recommended that you encrypt the Siebel File System and all server disks containing Siebel Business Applications data using third-party products or encryption features provided by your operating system. For information on the encryption technologies available, see the relevant operating system or third-party documentation. For additional information about securing the Siebel File System, see Siebel Security Hardening.