We are setting up Qlikview 9.0 SR4 with Qlikview Web Service with our accesspoint that is outward facing being used by our external customers viewing QVW's that contains personal information that needs to be secure. We are running our users through our Active Directory for user authentication and only allowing them access to our External Server. With security in mind we want to make sure our data is being encrypted and secure and curious about the following.
We are wondering if QWS has any built-in encryption and if so by default is it enabled with Qlikview Web Service and what type of encryption is it? If there is encryption available is there a need to get a SSL Certificate for our external website referred to in Question #2?
We are looking at purchasing a 3rd party SSL Certificate for our Webpage Access Point does the QWS support a certificate from a 3rd party such as Thawte? It's not like IIS 7 where you install it on the Web Server and all is well. How does this certificate get installed/configured if it even works?
Is there a better option/suggestion for us to accomplish the encryption/security we need to keep in mind dealing with PHI information?