Configuration for GDPR readiness

Ensure only authorized access to the environment

In addition to controlling overall access to FileNet P8 , you must also configure authorization for different areas and functions in the product. This configuration ensures that users access only the data that is relevant to their role within the environment and no more.

For information about setting up access and authorization in a new installation, see Security administrator installation tasks.

For information about configuring secure communications and ensuring that your object stores are secure, see Configuring authentication and authorization.

Encrypt all communications

Ensure that all FileNet P8 communications in all layers are encrypted, for example, use HTTPS, JDBC over SSL, SMTP over SSL, and LDAP over SSL. Although it might be acceptable to use unencrypted connections on a development or test system that does not process user information, you must ensure that all communications by production systems are encrypted to ensure GDPR readiness.

For information about configuring secure communications and ensuring that your object stores are secure, see Security.

Encrypt content as applicable

Content encryption helps to protect the confidentiality of content that you add to a storage area in case the content is accessed outside of FileNet P8 . For more information, see Content encryption.

Determine retention settings for objects

Plan your retention strategy to ensure that objects are retained only as long as there is a business need or as long as required by applicable regulatory requirements.

Prevent logging and tracing of sensitive information

If you encounter a problem with FileNet P8 , you might need to provide trace logs to IBM support. These logs can contain personal data. Before you send a log file to IBM support, edit the file to mask any personal data.