This document describes risk and vulnerability management strategies that are in place for Progress DataDirect Hybrid Data Pipeline security and governance.

Hybrid Data Pipeline leverages robust security mechanisms. Since it is typically deployed on-premises or through a managed private cloud, it is important for customers to ensure that end-to-end security is appropriately configured and managed. This includes leveraging your own defense in depth strategy, network security, encryption, access control, and other safeguards. The defense in depth security principle is a layering of security technologies and process of safeguarding the environment against known and emerging threats. Each ingress and egress point to must be managed, inspected, and validated through routine self and third-party assessment to prevent, identify, and correct vulnerabilities to protect against compromise. Coupled with appropriate on-premises IT security controls, Hybrid Data Pipeline can be an invaluable strategy for secure data access.