Database encryption

Database encryption is designed to prevent unauthorized access to locally stored databases and is not intended as a replacement for field-level encryption. Database encryption provides an additional layer of security because ACL settings do not protect locally stored databases.

Database encryption uses a public-key algorithm. Encryption generates a random encryption key, encrypts this key with the public key associated with a specific user ID, and appends the resulting key to the specified database. A user can access an encrypted database only if the user's private key can decrypt the appended key. It is a good idea to encrypt local databases if they are stored on a portable computer, or if you share your computer with other users.

You can also use local encryption to encrypt databases on a server with the server ID. Then, only those Domino® administrators with access to the server ID can read the database.

Note: When a user copies a database, the data remains encrypted -- even if the database is copied at the operating system level. The encrypted data is also safe from access by API programs.
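The key-wrapping scheme described above, and the note that a copied file stays encrypted, can be seen in the following added example, which is not Domino code and does not reproduce its file format. The page does not name the algorithms, so RSA-OAEP and AES-256-GCM are assumed stand-ins, and EncryptedDB, Encrypt, Open, newGCM and rng are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type EncryptedDB struct{ Nonce, Data, WrappedKey []byte } // hypothetical container, not the Domino format
var rng = rand.Reader                                     // randomness for ID keys and OAEP padding

func newGCM(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // callers pass exactly 32 bytes, so neither call can fail
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Encrypt seals plain under a fresh random AES-256-GCM key, then wraps that key to pub (RSA-OAEP).
func Encrypt(plain []byte, pub *rsa.PublicKey) (*EncryptedDB, error) {
	buf := make([]byte, 32+12) // 32-byte bulk key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rng, pub, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	return &EncryptedDB{buf[32:], newGCM(buf[:32]).Seal(nil, buf[32:], plain, nil), wrapped}, nil
}

// Open succeeds only when priv can unwrap the appended key; any other ID gets an error.
func Open(db *EncryptedDB, priv *rsa.PrivateKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rng, priv, db.WrappedKey, nil)
	if err != nil || len(key) != 32 {
		return nil, fmt.Errorf("this ID cannot unwrap the database key")
	}
	return newGCM(key).Open(nil, db.Nonce, db.Data, nil)
}

func main() {
	owner, _ := rsa.GenerateKey(rng, 2048) // constructed sample IDs and data
	other, _ := rsa.GenerateKey(rng, 2048)
	db, _ := Encrypt([]byte("constructed sample note"), &owner.PublicKey)
	plain, _ := Open(db, owner)
	_, err := Open(db, other)
	fmt.Printf("owner ID reads %q; other ID gets: %v\n", plain, err)
}
```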

Use the local encryption option from the Database Properties box to encrypt databases on a workstation with a database owner's user ID, and to encrypt databases on a server with a server ID. To encrypt a local database after the initial creation of the database or replica, you or the server administrator must first compact the database.

Encryption levels

When you encrypt a database, you must select one of the following encryption levels: simple, medium, or strong. The stronger the encryption, the longer it takes to open a database.

  • Use simple encryption when security needs are not great. It is enough to deter casual snooping.
  • Choose medium encryption (default) to balance security, strength, and fast database access.
  • Use strong encryption when security requirements are paramount, and the resulting database access performance is acceptable.

For more information on encryption, see Domino® Administrator Help.