Security in Incorta
Incorta Analytics allows you to move data securely between your data source and your Incorta solution. Within the Incorta environment, your data is stored on the file system or in memory. Incorta allows you to encrypt the sensitive data so people with access to the file system cannot see the data unless they have permission. Incorta objects, like schemas and dashboards, can be shared with different privileges to ensure data integrity. Incorta allows users to share dashboards with restricted content, depending on user privileges.
Secure Communication from the Data Source to the Incorta Solution
Incorta uses TLS to secure communication between different components of the solution. The metadata database is secured and you can encrypt the password to secure the metadata further.
Incorta moves data between disk to memory quickly enough to prevent attackers from accessing data. You can further secure data by encrypting it.
Secure Data on Disks
Incorta provides ways for users to secure data using external keys to hide data in Parquet or snapshot files so users with permissions to Parquet and snapshot files cannot read them.
You can encrypt data in columns and restrict access to tables within Incorta Analytics. If you want to secure data further, you can use operating system or hardware-level security to encrypt data to protect it if disks are stolen.
If you deploy Incorta using AWS, Azure, GCP, or Oracle, you can encrypt block storage and use cloud infrastructure to route and manage encryption keys.
Secure Login Access
Secure user access by implementing secure authentication methods. For example, Incorta supports the following types of SSO:
- Directory Services
- IBM CIS
- Mobile SSO
- Others (ask your customer success manager)
Incorta encrypts passwords with AES 128 encryption and provides a way to log in to Incorta Analytics and the Cluster Management Console (CMC) called self sync. Incorta uses SHA for password hashing in server files.
Secure Objects In Incorta
Users cannot modify data in the Incorta Analytics interface. Incorta is not a transaction system. Incorta mirrors data from other systems which cannot be modified. Users read the data from screen.
Incorta tracks changes made to objects, the user that made the changes, and when the changes were made in a repository table using a versioning system. Version and object data is stored in a repository database where you can download versions to compare them.
Secure user access and permissions by managing user roles and access within Incorta (User, Admin, Schema Manager etc.) using the Security Tab. You can restrict access to schema, ecrypt columns in a table, and reset passwords.
Secure Business Data
Incorta allows you to restrict access to data that users see in Incorta Analytics using:
Presentation variables and runtime security filters allow you to share the same dashboard among different users. For example, a sales representative and the VP of Sales can see the same dashboard, but different sets of data.