Data processing

The way data is processed in InfoSphere MDM is controlled by how the MDM solution is constructed and what MDM services are being invoked by the calling applications.

Note: The clear majority of MDM activities (transactions) are initiated by external systems and business processes.

The InfoSphere MDM transactions provide a large range of processing options that can be performed on the data in the InfoSphere MDM repository or how that data is made available to the calling system or business process. Of course, this is subject to the access and rights that have been established for that calling user.

Encryption for data at rest as well as in transit are available and it is recommended to be implemented if exposure exist for unauthorized access to the MDM systems environment. This is especially applicable if remote connections extend beyond your firewall. For information about encryption in MDM, see the Encryption overview. For information about enabling SSL encryption in MDM, see Support for SSL encryption.

Physical storage and hosting of personal data

InfoSphere MDM is often a highly critical part of an enterprise's systems environment and this means that measures need to be taken to ensure the appropriate level of protection and redundancy are implemented to achieve suitable SLA level. In other words, high availability and disaster recovery architectures are common for InfoSphere MDM deployments. Several patterns exist for this, but a full review of these in this document is not appropriate. Contact your IBM representative for more information and assistance to address your unique needs. However, the following aspects should be considered, if applicable:

Primary data center: Per the information in this document.
Backup sites: If applicable, the same measure and protections as they are in place for the primary data center should apply to any back-up sites. Furthermore, the connectivity and switchover facilities that exist between the primary site and these must ensure the integrity of the data protection of the MDM data, especially the personal data content.
Archives: InfoSphere MDM does not include an archiving capability. However, if archiving is implemented through external facilities, its data protection, access rules, and so on should be in line, potentially more restrictive than the main InfoSphere MDM instance.
Mirroring: In some configuration mirroring, data replication or other forms of maintaining multiple instances of the InfoSphere MDM environments are used. In those cases, the same consideration apply as described above for backup sites with the additional consideration of the mechanisms used to direct the transaction activities (request/responses) to the correct instance (such as load balancers).