Data processing

The way data is processed in InfoSphere MDM Collaborative Edition is controlled by the business users through the user interface, in concert with defined workflows that reflect the requirements of product categories and secondary specifications. Tasks can also be invoked through the MDM CE API by calling applications.

Encryption for data at rest as well as in transit are available and it is recommended to be implemented if exposure exist for unauthorized access to the MDM systems environment. This is especially applicable if remote connections extend beyond your firewall. For information about encryption in MDM, see the Encryption overview.

Physical storage and hosting of personal data

InfoSphere MDM CE is a potentially critical part of an enterprise's systems environment and this means that measures need to be taken to ensure the appropriate level of protection and redundancy are implemented to achieve suitable SLA level. In other words, high availability and disaster recovery architectures are common for InfoSphere MDM deployments. Several patterns exist for this, but a full review of these in this document is not appropriate. Contact your IBM representative for more information and assistance to address your unique needs. However, the following aspects should be considered, if applicable:
Primary data center
Per the information in this document.
Backup sites
If applicable, the same measure and protections as they are in place for the primary data center should apply to any back-up sites. Furthermore, the connectivity and switchover facilities that exist between the primary site and these must ensure the integrity of the data protection of the MDM data, especially the personal data content.
InfoSphere MDM does not include an archiving capability. However, if archiving is implemented through external facilities, its data protection, access rules, and so on should be in line with the main InfoSphere MDM instance, or potentially even more restrictive.
In some configuration mirroring, data replication or other forms of maintaining multiple instances of the InfoSphere MDM environments are used. In those cases, the same consideration apply as described above for backup sites with the additional consideration of the mechanisms used to direct the transaction activities (request/responses) to the correct instance (such as load balancers).