IguanaX 10.1.105 introduces the ability to enable and disable log encryption to secure data at rest stored in your IguanaX Log Directory on disk.
Encrypting logs is crucial for compliance with standards like HIPAA and GDPR, as it protects sensitive data such as Protected Health Information (PHI) from unauthorized access. By making logs unreadable without the proper decryption keys, encryption reduces the risk of data breaches while ensuring the confidentiality and integrity of stored information.
Review Log Encryption for how to enable and disable log encryption on existing and new IguanaX instances.
Considerations:
The log encryption key must be a cryptographically secure 32-character string generated by IguanaX.
The encryption key must be re-entered every time IguanaX service starts up.
IguanaX will not remember this key. You are responsible for documenting and storing this key in a secure location. There is no way to unlock Iguana without entering this encryption key when the service is started.
Encrypted logs will be stored in a new log directory, called loge.