Context: Mechanism to store encryption key (DB and App server File System) and protecting it from system administrator against misuse.
Use case: 1Currently, encryption key and encrypted data both are stored in db, By virtual of Blue Prism design, encryption key can be stored in database or File System (FS) on App Server. No other option is available.
1. DBA access: We can move encryption key to App server and restrict dba access to app server.
2. Wintel / Blue Prism administrator access: They would have access to App server FS, wherein they also have access to Blue prism database (limited access though) for maintenance activity. This is causing issue.
- Requirement:The requirement is to store encryption key in any other tool (like IBM PIM - Product Information Management), where administrator should not have access to.
Use case 2:When user navigates to encryption key using Blue Prism user interface, the log is also not recorded.
- Requirement: I believe this is essential for any audit compliance.