Encryption to secure files

BMC Atrium Orchestrator uses encryption to secure files created in BMC Atrium Orchestrator Development Studio, deployed on grids, and that can contain sensitive information.

The BMC Atrium Orchestrator platform encrypts certain files when writing to the file system. The encryption process does not require interaction or maintenance. However, you can configure the encryption parameters before you start the BMC Atrium Orchestrator component for the first time, and you can disable encryption for any component at any time.

Not all files written by BMC Atrium Orchestrator are encrypted. Only files that might contain sensitive configuration data are protected, including:

• Process definition files created in BMC Atrium Orchestrator Development Studio
• Module configuration files created in BMC Atrium Orchestrator Development Studio
• Module archive files, .roar files, that are exported to and deployed on grids
• Server connection files
• Persisted global context data state
  
  Files are encrypted when they are written to the file system and are stored using the same file name that would be used if the files were not encrypted. By default, the files are encrypted using the Advanced Encryption Standard (AES) algorithm, using a 128-bit preconfigured key.

  Note

  When exporting module archive files from BMC Atrium Orchestrator Development Studio to disk, the exported module archive files, .roar files, are not encrypted. This enables these module archive files to be imported into another BMC Atrium Orchestrator Development Studio instance, which could be configured to use a different set of encryption parameters.