Ops Center Protector allows the administrator to secure the data that the system protects with encryption in a number of ways:
- If it is known that the node will be operating over a nonsecure network, such as the Internet, then enabling the Internet connected node option is recommended. This will require the Protector ‘over-the-wire’ encryption licence: This will encrypt transmitted data as an extra security precaution. With the appropriate licence this uses the SHA-256 cryptographic hash function to encode data and allow the data integrity to be verified. In the non-licenced case it is used to verify the integrity of the certificate for the secure channel. Protector uses a NIST validated implementation of the SHA-256 algorithm.
- With the appropriate ‘at-rest’ data encryption licence (where available) Protector uses the SHA-256 hash algorithm to encode the data that is stored on an encrypted repository. The data remains encrypted and secure even when the repository is not being used.