Beyond authentication, authorization, and auditing, Pega Platform offers many other configurable security features, such as encryption, HTTP response headers, and Web Service Security profiles. Use these features to ensure that your application is as secure as possible.
Encryption is a way to protect sensitive data within your application, without affecting the functionality of Pega Platform. Examples of typically encrypted data include Social Security numbers, credit card numbers, account numbers, and addresses.
- Key management system for application data encryption
Create a keystore that references keys other key management services, such as Microsoft Azure Key Vault, HashiCorp Vault, and Google Cloud KMS, and Amazon KMS through the use of a data page. By supporting additional key management services, Pega Platform™ offers you increased flexibility when defining keys that are used for encryption of application and internal system data.
- Creating a token profile
Use a JSON Web Token (JWT) to exchange information securely between two different parties. For example, a JWT can carry information about a user that can be used by another party to authenticate the identity of the user.
- Securing an activity
You can better protect your application by limiting how an activity can be run and who may run it by configuring activity-specific access control.
- Adding new privileges to roles after an upgrade
Pega Platform version 8.5 has introduced new security privileges to align with leading practices and Pega has provided guidance on how to strengthen your security architecture by adding new privileges to roles after an upgrade.