In-Transit Data

Security Best Practices

Foundation 23.1

Data is in transit when it is moving between two places, such as data moving between the Application Server and the Disk Groups in OnBase, or between an OnBase client and server. There are several ways to protect in-transit data, the most common of which is to encrypt the data while it is in transit.

Proper use of Transport Layer Security (TLS) between clients and servers is usually thought of as a way to protect Internet traffic, but TLS also protects in-transit data on your internal network from inside threats. Even if your OnBase system has no access to the Internet, your data could still be compromised if an attacker is on your internal network. By using TLS with a trusted certificate, an encrypted session with the OnBase servers can be created for each user, and that traffic cannot be read by any other user. TLS also allows for one-sided authentication to ensure that users are connecting to the server they expect and that their connection has not been compromised by a man-in-the-middle attack.

Beginning in OnBase 14, the OnBase Web and Application Servers use TLS by default and require an established trust between client and server.


TLS is configured using Microsoft Internet Information Services (IIS). For more information on configuring IIS, see the documentation provided by Microsoft.
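
A client-side check of the trust described above, as an added example that is not part of the OnBase or Microsoft documentation: it opens a TLS session with .NET's `SslStream` under the default validation policy, so the handshake succeeds only if the server certificate chains to a root this machine trusts and matches the host name. The host name, port, warning window and the function name `Test-ServerTls` are assumptions for illustration.

```powershell
# Added example. 'onbase-app.example.internal' is a placeholder host name.
param(
    [string]$ServerName = 'onbase-app.example.internal',
    [int]$Port = 443,
    [int]$WarnDays = 30      # flag certificates expiring within this window
)

function Test-ServerTls {
    param([string]$ServerName, [int]$Port, [int]$WarnDays)

    $result = [ordered]@{
        Server = "${ServerName}:$Port"; Trusted = $false; Protocol = $null
        Subject = $null; Issuer = $null; NotAfter = $null
        ExpiresSoon = $null; Error = $null
    }
    $tcp = New-Object System.Net.Sockets.TcpClient
    try {
        $tcp.Connect($ServerName, $Port)
        # No custom validation callback is supplied, so the default policy
        # applies: the chain must build to a trusted root and the certificate
        # name must match $ServerName. Never replace this with a callback
        # that returns $true, which would disable server authentication.
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false)
        try {
            $ssl.AuthenticateAsClient($ServerName)
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
            $result.Trusted     = $true
            $result.Protocol    = $ssl.SslProtocol
            $result.Subject     = $cert.Subject
            $result.Issuer      = $cert.Issuer
            $result.NotAfter    = $cert.NotAfter
            $result.ExpiresSoon = $cert.NotAfter -lt (Get-Date).AddDays($WarnDays)
        }
        finally { $ssl.Dispose() }
    }
    catch {
        # Connection refused, handshake failure, untrusted chain or name
        # mismatch all end up here; report the underlying cause.
        $result.Error = $_.Exception.GetBaseException().Message
    }
    finally { $tcp.Dispose() }
    [pscustomobject]$result
}

Test-ServerTls -ServerName $ServerName -Port $Port -WarnDays $WarnDays
```

Run it from a workstation that is expected to trust the server; `Trusted = False` with a chain or name error means that client has no established trust with the certificate bound in IIS.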