Hitachi ID Identity Manager is designed to be secure. It is protected using a multi-layered security architecture, which includes running on a hardened OS, using file system ACLs, providing strong application-level user authentication, filtering user inputs, encrypting sensitive data, enforcing application-level ACLs and storing log data indefinitely.
Identity Manager never requires plaintext passwords to be stored in configuration files or scripts and does not store plaintext passwords anywhere. Identity Manager does not ship with a default administrator password -- one must be typed in at installation time.
These security measures are illustrated in Figure [link].