Encrypting the RiOS data store significantly limits the exposure of sensitive data in the event an appliance is compromised by loss, theft, or a security violation. The secure data is difficult for a third party to retrieve.

Before you encrypt the RiOS data store, you must unlock the secure vault. The secure vault stores the encryption key.

Encrypting the RiOS data store can have performance implications; generally, higher security means less performance. Several encryption strengths are available to provide the right amount of security while maintaining the desired performance level. When selecting an encryption type, you must evaluate the network structure, the type of data that travels over it, and how much of a performance trade-off is worth the extra security.

RiOS appliances cannot use an encrypted RiOS data store with an earlier RiOS version, unless the release is an update (9.0.x). For example, an encrypted RiOS data store created in 9.0.1 would work with 9.0.3, but not with 9.5.

Before downgrading to an earlier software version, you must select none as the encryption type, clear the RiOS data store, and restart the service. After you clear the RiOS data store, the data is removed from persistent storage and cannot be recovered. If you are using the server-based backups feature on Core, you must delete all backup policies and clear snapshots on the storage array before downgrading.

If you return to a previous software version and there is a mismatch with the encrypted RiOS data store, the status bar indicates that the RiOS data store is corrupt. You can either: