Teradata Database provides the following features to enhance data protection:
- By default, the logon string is encrypted to maintain the confidentiality of the username and password employed to log on to Teradata Database.
- Optional data encryption of messages maintains confidentiality of the data transmitted to and from Teradata Database.
- Automatic integrity checking insures that the data is not corrupted during the encryption/transmission/decryption cycle.
- Optional BAR and DSA encryption provides confidentiality of data backups between the BAR server and the storage device.
- Optional SSL/TLS protection for systems using LDAP authentication with simple binding, including:
- Encryption of the LDAP authentication sequence between Teradata Database and the directory server.
- Advanced TLS protection, which requires that the database authenticate itself to the directory or that the database and directory mutually authenticate.
- Optional SASL protection for systems using LDAP authentication with Digest-MD5 binding:
- Protection of the LDAP authentication token exchange sequence between Teradata Database and the directory server.