Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Saviynt Password Filter - Store password encryption

vivekbksingh
New Contributor III
New Contributor III

‎03/11/2024 11:24 PM

From the documentation at Configuring Password Synchronization from Active Directory (saviyntcloud.com)

>>>

 The password filter stores the password changes locally on the Active Directory server in an SQLite database to ensure that there is no loss of information in case of unscheduled interruptions, encrypts the passwords, and then sends the password information to EIC.

<<<<

  • For the passwords stored in the SQLite database on the respective Active Directory Controllers, where are the encryption keys being stored?
  • Are all network outbound "payloads" from Saviynt password filter to Saviynt Cloud instance encrypted? If not, what options (if any) are available within the Saviynt password filter app to encrypt the "payload"?
  • Are all inbound "payloads" from Azure Saviynt Cloud instance to application endpoints in (Cloud or on premise) encrypted?
Labels:
0 Kudos
2 REPLIES 2

CR
Regular Contributor III
Regular Contributor III

‎03/12/2024 12:08 AM

May be info need full for your subject

https://forums.saviynt.com/t5/general-discussions/can-we-send-the-ad-password-in-encrypted-format-an...

https://forums.saviynt.com/t5/identity-governance/how-does-work-the-connectors-password-encryption-p...

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.
0 Kudos

rushikeshvartak
All-Star
All-Star

‎03/12/2024 07:01 PM

Some general insights:

1. Encryption Keys for SQLite Database:
- Typically, encryption keys for data stored in a SQLite database are managed by the application itself. Saviynt's password filter would likely generate and manage these encryption keys internally. The specific details of how these keys are managed, including whether they are stored securely or not, would be outlined in Saviynt's documentation or provided by their support team.

2. Encryption of Outbound Payloads:
- It's standard practice for sensitive data, such as passwords, to be encrypted before transmission over a network. Saviynt's password filter should employ encryption mechanisms (such as TLS/SSL) to ensure that all outbound payloads containing sensitive information are encrypted before being sent to the Saviynt Cloud instance

3. Options for Encrypting Payloads:
- Within the Saviynt password filter application, there should be configuration options to enable encryption for outbound payloads. These options might include specifying the encryption protocol, key management, and other settings related to data security. 

4. Encryption of Inbound Payloads:
- Similarly, inbound payloads from the Saviynt Cloud instance to application endpoints (whether in the cloud or on-premise) should also be encrypted. Saviynt likely employs encryption mechanisms to ensure the security of data in transit. 

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC