Encryption of Database Files

Jedox integrated encryption

You can encrypt databases using hash algorithms. Plain text information will not be stored if a server installation is encrypted. An encrypted database cannot be decrypted at any time later.

You can turn on the integrated encryption in the palo.ini configuration file.

Windows encryption of database files

If the users are managed over Active Directory(AD), then a certificate must be stored on the AD server. This has nothing to do with the key – the key will be generated upon activation of the encryption. If the keys cannot be managed by the AD server, a special certificate server is needed.

In Windows Explorer, select the C:\Jedox directory. Right-click and choose Properties from the context menu. Click the Advanced… button and turn on "Encrypt contents to secure data":

Encrypt content settings screenshot

Click OK, and then OK the option to apply changes to all subfolders and files. All files in C:\Jedox\data will then be encrypted, particularly the file database_CUBE_0.csv of the System database, which contains the user and password data.

You can grant access to more users on specific files (e.g. palo.ini and palo.ini.sample) by adding them to the list of users who have transparent access to those files.

Updated June 5, 2023