c-treeACE services thousands of mission-critical applications in many sensitive industries including banking, finance, and health care. The increasing demand to provide users with highly secured access to systems and data continues to impact developers in these and many other industries. Providing the necessary security required to safeguard mission-critical data is crucial.
In our ongoing security reviews, we have implemented numerous elevated security controls assisting developers in securely transmitting and storing data:
a) the security resource in c-treeACE data and index files that use advanced encryption,
b) the encryption key in the transaction log file header when using advanced log encryption.
Now, when advanced encryption and FAIRCOM.FCS encryption (ADMIN_ENCRYPT) are enabled, when the FAIRCOM.FCS file is created it is encrypted using AES 256-bit encryption. When using advanced encryption and transaction log encryption, c-treeACE now uses a 256-bit key to encrypt the transaction logs. (Previously, the transaction log encryption key was 128 bits.)