9. Using Data at Rest Encryption : Encryption and Copydb/Unloaddb Considerations
 
Share this page                  
Encryption and Copydb/Unloaddb Considerations
Data at rest encryption does not protect data outside the database, including files generated by the copydb, unloaddb, and genxml utilities.
Files generated by these programs for copying data back into Ingres contain syntax to recreate any exported encrypted tables with the original column encryption attributes. The standard passphrase 'TEMPORARY PASSPHRASE' is encoded in these files. A good practice is to use this or any other temporary phrase to import the table, and then to MODIFY the passphrase immediately after import (to avoid the risk that would be caused by revealing the desired final passphrase in a plaintext import flat file).