Content can be encrypted while at rest in a storage area, or when it is sent between a repository and a supported application.
Use the Content Platform Engine content encryption
capability to ensure that the content that is received by the Content Platform Engine is encrypted when it is in the staging area on the Content Platform Engine server, as it moves between the Content Platform Engine server and the storage area, and when it is stored in the
storage area. The Content Platform Engine encryption capability can be used
with all types of storage. This encryption is done by using AES in Counter mode, a Federal
Information Processing Standard (FIPS) 140-compliant algorithm, with a 128-bit key or a 256-bit key.
If you use other encryption technologies to secure content on a storage device, transfers between the Content Platform Engine and that device will be of unencrypted content. Therefore, you ought to consider whether and how to provide security on those transfers.