Application Data Encryption
Hi,
Has anyone worked on application data encryption where the keystore is sourced from Data page?
We had configured the application data encryption and it is activated in the Data encryption landing page. Followed this guide - https://community.pega.com/sites/default/files/help_v83/procomhelpmain.htm#security/data-encryption/custom-kms-app-data-tsk.htm
Specifically step 2 from sample activity - pzSampleGetCustomMasterKey. We had modified that step 2 to call a REST API to encrypt or decrypt CMK.
Also followed this guide to configure class group to be encrypted. https://community.pega.com/sites/default/files/help_v83/procomhelpmain.htm#engine/database/admin/eng-db-encrypting-ss-tsk.htm
We are executing this in Pega 8.4.
Questions:
1) Once we created new cases from the configured class group, how do we ensure that the BLOB is encrypted?
2) When saving auth profile with basic authentication, it is calling the datapage configured for application data encryption. Has anyone experienced this before?
Accepted Solution
Updated: 12 Aug 2020 10:06 EDT
State Farm
US
In case any one comes across same questions, here is the resolution:
1) Once we created new cases from the configured class group, how do we ensure that the BLOB is encrypted?
--- Its through Performance tool, beside the pega icon close to where live UI and clipboard is.
Click Full, Find BLOB encryption.
This stat will increase for each case created when BLOB encryption is turned on succesfully.
2) When saving auth profile with basic authentication, it is calling the datapage configured for application data encryption. Has anyone experienced this before?
-- Through working with Pega, this is expected. application data encryption includes certain rule types as well.
Pegasystems Inc.
IN
Did you try the below suggestion?
https://collaborate.pega.com/question/how-check-if-blob-encrypted
Yes, the authentication password will be encrypted when configuring the own key. please refer below article.
https://community.pega.com/knowledgebase/articles/security/encryption-pega-platform
Accepted Solution
Updated: 12 Aug 2020 10:06 EDT
State Farm
US
In case any one comes across same questions, here is the resolution:
1) Once we created new cases from the configured class group, how do we ensure that the BLOB is encrypted?
--- Its through Performance tool, beside the pega icon close to where live UI and clipboard is.
Click Full, Find BLOB encryption.
This stat will increase for each case created when BLOB encryption is turned on succesfully.
2) When saving auth profile with basic authentication, it is calling the datapage configured for application data encryption. Has anyone experienced this before?
-- Through working with Pega, this is expected. application data encryption includes certain rule types as well.
Lloyds Banking Group PLC
GB
Can you let me know the process how you have referred the Keystore in Data encryption landing page using Data Page?
I have created the AWS KMS keystore and enabled the platform from Data encryption landing page in Dev environment. Now the same thing needs to be done in other environments. I wanted do it via data page by passing the respective keystore depending on the environment?
Thank You, Surendra.PV