To protect against unauthorized access to data on disk, InterSystems IRIS for Health™ provides managed key encryption, a suite of technologies that protect data at rest.
Managed Key Encryption: Protecting Data on Disk provides an overview of the major concepts and tasks for encrypting data.
First Look: Database Encryption offers a quick introduction to database encryption, as well as an exercise that shows it in use.
Learn about encryption
InterSystems IRIS supports a number of interrelated encryption features for data at rest:
Block-level database encryption, also known simply as database encryption — A set of tools to allow creation and management of databases in which all the data is encrypted.
You can manage encrypted databases through the Management Portal and command-line utilities.
Data-element encryption for applications, also known simply as data-element encryption — A programmatic interface so that applications can include code to encrypt and decrypt individual data elements (such as particular class properties) as they are stored and retrieved.
Encryption key management — A set of tools in the Management Portal for creating and managing data-encryption keys, for managing keys stored in key files, and for managing keys stored on a key management interface protocol (KMIP) server. You can manage keys through the Management Portal and command-line utilities.