While attackers ideally won’t be able to gain access to any of the systems running the PingDirectory software or to systems that contain data generated by the PingDirectory software, you should still take additional measures to protect the data.
One of the best ways to accomplish this is to encrypt all sensitive data. The PingDirectory software provides extensive support for data encryption. It is possible to encrypt the backend databases, both entry contents and index data, as well as the replication database and the LDAP-accessible changelog if enabled. It is also easy to encrypt backups, LDIF exports, log files, and support data archives.