Enable encryption of recorded data-at-rest

To encrypt all recorded content immediately as it is written to the disk on a recorder server, complete this procedure.

Before you begin 

You must have a Key Management Server (KMS) installed and configured before you can complete this procedure.

Procedure 

  1. Go to System Management. Under Enterprise, select Settings.

  2. In the Installations tree (left pane), select the Enterprise node, a Site Group node, a Site node, or a Server node.

    • Select the Enterprise node to encrypt all recorded content on all recorder servers in the enterprise.

    • Select a Site Group, Site, or Server node to encrypt only the recorded content on the recorder servers under or associated with the selected node.

  3. Click Security.

  4. In the Data-At-Rest Encryption section, configure these options:

    • Enable Data-At-Rest-Encryption - To enable data-at-rest encryption for the selected Installations tree nodes, select this check box.

    • Encryption Key Class - (Required) Specify the encryption key class that was created on the RSA or Thales Key Management Server.

    • Legacy Encryption Key Class - In a gradual upgrade scenario, where you have upgraded application servers to v15.2 (or higher) and you still have servers of the v11.1 release operating in your environment, you can specify the Legacy Encryption Key Class for the RSA Key Management Server (KMS) used by the v11.1 servers.

  5. Click Save or Save and Apply to Children as appropriate.

  6. Check the System Monitoring, System Monitor, Alarm Dashboard screen for new alarms that indicate it is necessary to restart services. If these alarms appear, restart the services indicated by the alarms.

    Alarms indicating it is necessary to restart services sometimes do not appear in the Alarm Dashboard until several minutes after you save the Enterprise Settings changes.

  7. After restarting services indicated by the alarms, you must verify that encryption is working. Use the site acceptance test procedures for verification Feature in voice biometrics where the speaker’s voice is compared to a collection of employee or customer voiceprints that should match the call. If a match occurs, the speaker is said to be verified. purposes.

Related topics 

Security settings screen reference

Security configuration procedures

Configure the Key Management Server settings

Save, Save and Apply to Children, Revert to Parent, and Revert Buttons

Related information

Site Acceptance Tests (SAT)

Security Configuration Guide

Key Manager Server Installation and Configuration Guide