Best practices for security of sensitive data

You must protect the files that might potentially contain some security-related sensitive values in the development environment.

Here is the list of properties that might contain security-related sensitive values:
  • Properties files in runtime/properties, particularly, customer_overrides.properties, where customers set their customer-specific property overrides.
  • Any db-supported property values that are directly overridden by customer in DB through SMA.
  • If you are using a developer toolkit, you must consider the following properties for security-related sensitive values:
    • The devtoolkit_docker/compose/om-functional.properties file, if available, can contain the developer toolkit-specific overrides of product functional properties.
    • The devtoolkit_docker/compose/om-compose.properties file that can contain overrides of the developer toolkit-related internal property values.
    • The devtoolkit_docker/compose/docker/integration.properties file, if available, contains the developer toolkit-specific tenant details for IBM® Sterling™ Store Engagement and IBM Sterling Intelligent Promising Inventory Visibility tenants.