Data Encryption
By default, SmartIQ enables Data Encryption for all cloud environments as well as all new installations. This provides an additional security measure where the data is encoded and only SmartIQ can decrypt the data.
On-premise installations
For older on-premise installations of SmartIQ, this is an optional setting that can be enabled in Manage > Settings > Security. However, once enabled, this setting can no longer be turned off.
Rotating the Data Encryption Keys
Data Encryption Keys (DEKs) are keys designed to encrypt and decrypt data once or multiple times. The longer the key is in use, the higher the probability of a breach. SmartIQ key rotation minimizes the amount of data exposed to an attacker by retiring a key and replacing the key with a new cryptographic key. The inactive key can decrypt the old data but will not be used to encrypt new data.
SmartIQ automatically rotates the key regularly every 12 months for compliance with standards but also provides the option to manually rotate the keys. To do this:
User Permission
Note: Only users with Manage Security permission will be able to access the Security settings in Manage and manually rotate the key.
- Go to the Manage > Settings > Security.
- Under Encryption Keys, you will see the version and expiration date of the current Data Encryption Key.
- Click Rotate Key.
- Click Save to save the changes to the settings.
The system may take up to ten (10) minutes for the previous key to be deactivated from the cache. Restart the site to force the system to use the new key.
Updated over 3 years ago