Introduction to Data at Rest Encryption with Bomgar Privileged Access


Bomgar Privileged Access's (PA) data at rest encryption allows organizations to use their existing key management solution to encrypt their Bomgar configuration, text-based session audit history, and session recordings for on-premises or cloud-based Bomgar PA deployments. With Bomgar PA's data at rest encryption feature, organizations can comply with data encryption policies put forth by your organization's Information Security team.


  • Bomgar Appliance1Bomgar Appliance is used interchangeably to refer to both on-premises and cloud deployments. must be using Bomgar Base version 5.0 or above.
  • The key management solution must support Key Management Interoperability Protocol (KMIP) version 1.0 or above.
  • For cloud deployments, Bomgar PA Cloud must be able to access the KMIP server over port 5696.
  • A root Certification Authority (CA) certificate must be provided by the KMIP server.
  • A client Transport Layer Security (TLS) certificate that defines the KMIP user account to be used for authentication, which must be provided by the KMIP server and uploaded to the Bomgar Appliance.