Is it possible to encrypt the default table and columns ?

shin3
Kilo Contributor

‎08-29-2022 07:52 PM

Hi All,

I would like to encrypt personal information.

Is it possible to encrypt  "sys_created_by" and "sys_updated_by" by CLEE Column Level Encryption Enterprise?

Also, can we encrypt defalut table "sys_user", "sys_user_group" and "sys_user_grmember"  by CLEE?

Couldn't find it for encryption, at least in CLE.

Thanks in advance.

0 Helpfuls
  • 576 Views
1 REPLY 1

Mahendra RC
Mega Sage

‎08-29-2022 08:40 PM

Hello Shin,

 

I don't have much idea on this, but It seems that you can encrypt sys_created_by and sys_updated_by fields as they are String type field. Also regarding the tables you can encrypt the table in question but you may need to check little more on the impact.

Below are the limitations for CLE encryption support. Please refer the Encryption support for more details on this

 

Limitations

  • Only the following field types can be encrypted:
    • String text
    • Date
    • Date/Time
    • Attachments
    • URL
  • Because contexts are tied to roles and roles are tied to users, you do not have access to keys from non-user sessions. Anything running as a system user or a scheduled job that doesn't have a user session won't be able to access the key to encrypt or decrypt data.
  • Value versus display value:
    • When you use value, you get ciphertext.
    • When you use display value, provided you have the right role, you get cleartext.

    Many scripts in the application layers are scripted in such a way that they ignore this distinction and use value. The data won't be encrypted or decrypted if you don't change the scripts to use display value.

Filtering and searching encrypted fields

When an Encrypted Text field or a field with an encrypted field configuration applied is selected as the left operand in a filter, the following operators are available:
  • is
  • is not
  • is empty
  • is not empty

For Date fields, use the date picker to specify the date:

Date picker

For Date/Time fields, use the date and time picker to specify the date and time:

Date/Time picker

If a user with one or more encryption contexts filters for equality or searches for a value in a list:

  • Only values encrypted with an encryption context available to the user are returned.
  • The operators is empty and is not empty return all matching records. Fields encrypted with an encryption context not available to the current user appear blank.

If a user does not have any encryption contexts, no records are returned.

The Show Matching and Filter Out options are supported in lists. Only exact matches are returned or filtered out.

Note: Adding encrypted fields in condition filters is supported in scripts such as UI policies and business rules.

Exporting data from encrypted fields

When exporting encrypted fields in a list or form to a file format, only fields encrypted by an encryption context available to the current user appear in the exported document.

To disable exports of encrypted data from a list view, add the glide.encryption.export_encrypted_data.allowed system property and set the value to false.

Please mark my response as hepful/correct, if it answer your question.

Thanks

0 Helpfuls