The way data is processed in InfoSphere MDM is controlled by how the MDM solution is constructed and what MDM services are being invoked by the calling applications.
The InfoSphere MDM transactions provide a large range of processing options that can be performed on the data in the InfoSphere MDM repository or how that data is made available to the calling system or business process. Of course, this is subject to the access and rights that have been established for that calling user.
Encryption for data at rest as well as in transit are available and it is recommended to be implemented if exposure exist for unauthorized access to the MDM systems environment. This is especially applicable if remote connections extend beyond your firewall. For information about encryption in MDM, see the Encryption overview. For information about enabling SSL encryption in MDM, see Support for SSL encryption.
Physical storage and hosting of personal data
- Primary data center
- Per the information in this document.
- Backup sites
- If applicable, the same measure and protections as they are in place for the primary data center should apply to any back-up sites. Furthermore, the connectivity and switchover facilities that exist between the primary site and these must ensure the integrity of the data protection of the MDM data, especially the personal data content.
- InfoSphere MDM does not include an archiving capability. However, if archiving is implemented through external facilities, its data protection, access rules, and so on should be in line, potentially more restrictive than the main InfoSphere MDM instance.
- In some configuration mirroring, data replication or other forms of maintaining multiple instances of the InfoSphere MDM environments are used. In those cases, the same consideration apply as described above for backup sites with the additional consideration of the mechanisms used to direct the transaction activities (request/responses) to the correct instance (such as load balancers).