1.4 Security and Privacy

PlateSpin Migrate provides several features to help you safeguard your data and increase security.

1.4.1 Security of Workload Data in Transmission

To make the transfer of your workload data more secure, you can configure your migration jobs to encrypt the data in transit to the target. When encryption is enabled, over-the-network data transfer from the source to the target is encrypted by using AES (Advanced Encryption Standard).

You can configure your PlateSpin Server to use a data encryption algorithm that is compliant with FIPS (Federal Information Processing Standards, Publication 140-2). If compliance with FIPS is required, it must be set up on your system prior to the PlateSpin Server installation. See Enabling Support for FIPS-Compliant Data Encryption Algorithms (Optional) in your Installation Guide.

For information on how to enable file encryption for a migration job, see Specifying Replication Options.

1.4.2 Security of Client-Server Communications

Data transmission between the PlateSpin Server and the PlateSpin Migrate Client can be configured to use either HTTP (default) or HTTPS (Secure Hypertext Transfer Protocol). To secure data transmission between the client and the server, enable SSL on your PlateSpin Server host and use HTTPS when specifying the server URL. See Connecting to a PlateSpin Server.

1.4.3 Security of Credentials

Credentials that you use to access sources and targets in workload migration jobs are:

  • Cached, encrypted, and securely stored by the PlateSpin Migrate Client, by using operating system APIs.

  • Stored in the PlateSpin Migrate database and are therefore covered by the same security safeguards that you have in place for PlateSpin Server hosts.

  • Included within diagnostics, which are accessible to accredited users. You should ensure workload migration projects are handled by authorized staff.

1.4.4 User Authorization and Authentication

PlateSpin Migrate provides a role-based user authorization and authentication mechanism. See Section 2.2, Setting Up User Authorization and Authentication.