VisibleThread Docs (on-premise) is available with the option of encrypting all data at rest. This setup keeps all VisibleThread data on an encrypted disk volume using AES (
aes-xts-plain64:sha256) with 512-bit keys.
Note: contact firstname.lastname@example.org to request access to the VisibleThread Docs on-premise Encrypted virtual machine.
Decrypting the disk
When the system boots up, an IT admin must have access to the terminal to provide the password to decrypt the disk :
Changing the encryption password
Once the disk has been decrypted, the IT admin can login and change the encryption password :
sudo cryptsetup luksChangeKey /dev/mapper/visiblethreadserver-db