Communicating with target systems
Avoid sending sensitive data as plaintext:
Where possible ensure that communications are encrypted.
For example, if you have an Oracle target system, the default setup for the Oracle client is to configure unencrypted communications with the Oracle database. Ensure that you configure encrypted communication.
When communications cannot be encrypted, you can:
Use a proxy server to set up a secure channel with the primary server.
Not synchronize the accounts on that target system and ensure that administrative passwords are periodically rotated.