Securing property files

Sterling™ Order Management System Software applications use property files to store parameters that control the way the application works or that are used to obtain credentials to access critical resources.

Threat

Malicious users who gain access to property files can obtain sensitive information such as user names, credentials, or IP addresses.

Mitigation

IBM® recommends this approach to secure property files:

  1. Restrict access to property files.

    Place property files on file systems that have restricted file privileges to limit which applications and users can access them.

  2. Encrypt sensitive information in the property files.

    Sterling Order Management System Software applications allow you to encrypt parameter values.

Property parameter encryption

To encrypt properties, you need to indicate which property has encrypted values and provide an encrypter class.