Managing Field Level Encryption

Administrators can encrypt data fields to prevent unauthorized users from accessing sensitive information, such as credit card or social security numbers. Aptify encrypts field data using Microsoft's Cryptographic Services (see About the Field Level Encryption Implementation for more information).

An administrator enables encryption on a per-field basis within a specific entity.

See Granting Access for Credit Card Number Encryption for information on how credit card numbers are encrypted in Aptify by default.



About the Field-Level Encryption Process

The following steps provide an overview of the encryption process:

  1. An administrator configures a Security Key with the appropriate User and/or Group Permissions.
    • The service includes one default key, the Generic Entity Encryption Key. By default, the sa user and members of the Users, Accounting, and Administrators groups have access to this key.
  2. An administrator enables encryption for a data field within an entity's record specifying the Security Key to use for encryption and decryption.
    • Aptify encrypts the specified field in all existing records during the save process. 
  3. Authorized users enter data into the encrypted field in a record. When the user saves the record, this data is encrypted and then stored in the database.
    • Since data is encrypted within the database itself, unauthorized users cannot bypass the Aptify security measures to gain access to sensitive data using another database tool, such as SQL Server Query Analyzer or Microsoft Access. 
  4. In Aptify, users who have access to the appropriate security key can display encrypted fields within a view in a decrypted format so that exported view results can be viewed in plain text when necessary. See the Show Decrypted Field Option for List Views for details. The encrypted data is not available in views or standard reports.
    • If a view contains an encrypted field and the encryption option is not enabled, the field's content appears as a hashed value.

      Encrypted Data in a View 

      The hashed value is the field's contents after the user data has been encrypted using the specified Security Key and the encryption algorithm.

  5. The encrypted data is not available to unauthorized users. Also, unauthorized users cannot enter data into fields that have encryption enabled. Aptify disables the field on the form to prevent the unauthorized users from making any changes to the field's value. 

     
    Disabled Field
  6. When an authorized user opens a record, the field's contents are decrypted; the user can view or modify the field's contents.


Important Notes Concerning Field Level Encryption

Review the following considerations before enabling encryption for a particular field:

  • When you enable encryption for a particular field, Aptify encrypts the field for all existing records in the entity. If the entity has millions of records, it may take an hour or more to complete the encryption process (depending on the processing power of your server). Also, no transactional activity should take place during the encryption operation to avoid potential conflicts. Therefore, Aptify strongly recommends that you only perform encryption and decryption operations after hours when no one is using the system.
  • The encryption process expands data. Therefore, you may need to increase the SQL Data Size within the entity to accommodate the encrypted data.
  • If in doubt, perform a test prior to deployment by enabling encryption on a test entity and then attempting to save a record with data of the expected length in an encrypted field. An error message will appear in the Session Exceptions viewer that reports the number of characters needed in the encrypted field, as shown in the example below. If data already exists in the field when you attempt to encrypt it and the field size is too small, the entity save will fail and a corresponding error is logged to the Session Exceptions viewer.

    Error Message If Field Size Is Too Small
  • Consider the potential consequences of encrypting a field, such as how this change may impact other fields and entities, before enabling this feature. For example, encrypting the Persons entity's First Name will create a meaningless NameWCompany composite field. Therefore, to minimize unintended side effects, encrypt only those fields that require encryption per the organization's security policy.
  • Standard reports run from the Report wizard do not decrypt encrypted fields. Therefore, encrypted text will appear as a string of meaningless characters in reports that include an encrypted field.
  • Base Fields do not support encryption. Encryption is enabled on a per-field basis within specific entities.


Enabling Field Level Encryption

Follow these steps to enable encryption for a particular data field:

  1. Open or create a view of the Security Keys service.
    • The Security Keys service is located within the Aptify Framework Administration application.
    • You must have the appropriate permissions to access this service.
    • The service includes one default key, the Generic Entity Encryption Key. By default, the sa user and members of the Users, Accounting, and Administrators groups have access to this key.
  2. Do one of the following:
    • Right-click the Security Keys entity and select New Security Key Record from the drop-down menu. Proceed to Step 3.
    • Use the default Generic Entity security key. Open the security record and proceed to Step 4. 
  3. Configure the Security Key's General tab.
    • Enter a name for the key in the Name field.
    • Enter an optional description.
    • Enter between 1 and 50 alphanumeric characters in the Key Value field. Using a large number of characters will make it more difficult for an unauthorized individual to decrypt the data.

    By default, only the sa user has the ability to delete a security key.

     Security Keys General Tab

  4. Configure the User and/or Group permissions.
    • Click the Group Permissions tab and add Groups, as necessary. The members of the selected Groups can encrypt and decrypt fields that use this key. You should add any user group whose members will need to enter or read values in the encrypted field.
    • Click the User Permissions tab and add Users, as necessary. Each selected user can encrypt and decrypt fields that use this key.
    • Note that a Security Key record will not show up in a user's view of the Security Keys service unless the user has User Permissions or Group Permissions for that specified key. In other words, be sure to add an Administrator group on the Group Permissions tab or the administrative user on the User Permissions tab if you plan to manage the security keys from an administrator account other than the sa user.
  5. Save and close the record.
  6. Configure the Encryption Block Size attribute for the entity that you want to encrypt, if necessary.
    • The Encryption Block Size attribute determines how many records are processed in each block during the encryption process for the specified entity.
    • By default, the Block Size is 1000 records.
    • See Configuring the Encryption Block Size Attribute for details and configuration instructions.
  7. Within the Entities service, open the entity that contains the field you want to encrypt.
    • The Entities service is located within the Aptify Framework Administration application.
    • For example, if you want to encrypt the Credit Card Acct # field on the Orders form, open the Orders entity.
  8. Under the Fields tab, double-click the field that you want to encrypt to open the Fields record.
  9. Click the Security tab.
  10. Select the Encrypt Data option.
  11. Enter the key you want to use for encryption in the Security Key field.
    • Click the blue link to create a new key. See Steps 3-5, above, for more information on creating a key.

       Fields Record Security Tab
  12. Click the General tab and increase the SQL Field Size, if necessary.
  13. Click OK to save changes and close the Fields record.
  14. Save and close the entity record.

 

Aptify will encrypt the specified field in all existing records. This process may take some time depending on the number of records. To minimize potential conflict with users who are entering data into the system, Aptify recommends that you only perform encryption operations after hours when no one is using the system.


Configuring the Encryption Block Size Attribute

The Aptify encryption mechanism processes entity records in blocks. Each block contains a sub-set of the total number of records in the entity. The Encryption Block Size attribute specifies the number of records in a block.
For example, if an entity contains 100 records and the Block Size is set to 10, the encryption mechanism would process records 1-10 as one block, records 11-20 as a second block, and so on.

By default, Aptify uses a block size of 1000 for all entities. If an entity contains fewer than 1000 records, the encryption mechanism will process all of the entity's records in one block.

The ideal block size varies from organization to organization, but, in general, it should balance the following factors:

  • Speed: Using larger blocks will decrease the time it takes to encrypt a field in all records.
  • Processing Power: Using a block that is too large may require more memory than the server has available. For example, processing 10 million records in one block will most likely exceed the processing capabilities of a typical database server.
  • Status Updates: The encryption mechanism updates the Entity Save status window after it processes each block. Using smaller blocks provides more frequent status updates.
  • Error Reporting: The encryption mechanism reports the status of a block and not the status of an individual record. If an error occurs during encryption, using smaller blocks makes it easier to identify which record caused the problem.

Follow these steps to configure the Encryption Block Size attribute for an entity:

  1. Open the entity from the Entities service.
  2. Click the Configuration tab.
  3. Click the Attributes sub-tab.
  4. Open a new Entity Attributes sub-type record.
    • Click the New Record... button, or right-click in the gray area and select New from the pop-up menu. 
  5. Enter Encryption Block Size in the Name field.
  6. Enter the size of the block in the Value field.
    • Use a value of 1 or greater (integers only). Aptify uses the default block size of 1000 if the attribute's value is set to 0.

      Encryption Block Size Attribute
  7. Enter an optional description, if desired.
  8. Click OK to close the Entity Attributes record.
  9. Click Save and Close to save the change and close the Entity record.
  10. Close and reopen Aptify for the change to take effect.

Aptify uses a default Encryption Block Size of 1000 if an Encryption Block Size attribute record does not exist for a particular entity.


Configuring the Override Show Decrypted Field in View Attribute

Users who have access to the appropriate security key can display encrypted fields within a view in a decrypted format so that exported view results can be viewed in plain text when necessary (see Show Decrypted Field Option for List Views for details). However, there are several cases where this behavior may be undesirable and a possible security risk. In these cases, an administrator can add the ShowDecryptedFieldOverrides attribute to change the default show/hide behavior of encrypted fields within an entity.

  • Note that it is not necessary to add the ShowDecryptedFieldOverrides attribute unless you are changing the default behavior of an encrypted field. Default behavior is as follows:
    • Fields of Extended Type Password and credit card number fields (CCAccountNumber) are disabled by default.
    • All other encrypted fields are enabled by default.

Follow these steps to configure the Override Show Decrypt Fields attribute for an entity:

  1. Open the entity from the Entities service.
  2. Click the Configuration tab.
  3. Click the Attributes sub-tab.
  4. Open a new Entity Attributes sub-type record.
    • Click the New Record... button, or right-click in the gray area and select New from the pop-up menu. 
  5. Enter ShowDecryptedFieldOverrides in the Name field.
  6. Enter the field and the appropriate behavior in the Value field as follows:
    • EncryptedField(Show): Enter the name of the Encrypted field and Show in parentheses if you want to enable the Show Decrypted option for this field within a view.
    • EncryptedField(Hide): Enter the name of the Encrypted field and Hide in parentheses if you want to disable the Show Decrypted option for this field within a view.
  7. Using a pipe-delimited list, add additional fields and the appropriate show/hide behavior as necessary.

     ShowDecryptedFieldOverrides Attribute
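
The following is an added example, not Aptify code: it parses a ShowDecryptedFieldOverrides value in the pipe-delimited format described above, applies the stated defaults, and reports the effective Show Decrypted setting for each encrypted field, flagging overrides that expose fields hidden by default. The field list, the names WebPassword, SSN and Nickname, the tolerance for keyword case and spacing, and the handling of malformed or conflicting entries are assumptions for illustration.

```python
import re

# One entry of the pipe-delimited value: FieldName(Show) or FieldName(Hide).
# Assumption: keyword case and surrounding spaces are tolerated by this audit.
ENTRY = re.compile(r"^\s*([^()|\s][^()|]*?)\s*\(\s*(show|hide)\s*\)\s*$", re.I)

def parse_overrides(value):
    """Return ({field: 'Show'|'Hide'}, [problems]) for an attribute value."""
    overrides, problems = {}, []
    for raw in filter(None, (p.strip() for p in value.split("|"))):
        m = ENTRY.match(raw)
        if not m:
            problems.append(f"malformed entry: {raw!r}")
            continue
        name, mode = m.group(1), m.group(2).capitalize()
        # The page does not say which duplicate wins; keep the first and report it.
        if overrides.setdefault(name, mode) != mode:
            problems.append(f"conflicting entries for {name}")
    return overrides, problems

def default_mode(field):
    """Defaults from the page: Password-type and CCAccountNumber fields are hidden."""
    hidden = field.get("extended_type") == "Password" or field["name"] == "CCAccountNumber"
    return "Hide" if hidden else "Show"

def audit(encrypted_fields, value):
    """Effective Show Decrypted setting per encrypted field, plus review findings."""
    overrides, findings = parse_overrides(value)
    known = {f["name"] for f in encrypted_fields}
    findings += [f"override for unknown or non-encrypted field: {n}"
                 for n in overrides if n not in known]
    effective = {}
    for f in encrypted_fields:
        mode = overrides.get(f["name"], default_mode(f))
        effective[f["name"]] = mode
        if mode == "Show" and default_mode(f) == "Hide":
            findings.append(f"{f['name']}: hidden by default but overridden to Show")
    return effective, findings

# Constructed sample; field names other than CCAccountNumber are hypothetical.
FIELDS = [
    {"name": "CCAccountNumber", "extended_type": None},
    {"name": "WebPassword", "extended_type": "Password"},
    {"name": "SSN", "extended_type": None},
]
VALUE = "CCAccountNumber(Show)|SSN(Hide)|Nickname(Show)|SSN(Show)|WebPassword"

if __name__ == "__main__":
    effective, findings = audit(FIELDS, VALUE)
    print(effective)
    print("\n".join(findings))
```
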


Changing Security Keys for Field Level Encryption

Follow these steps if you want to change the Security Key that Aptify uses to encrypt a specific entity field:

  1. Create a new Security Key from the Security Key service.
  2. Open the entity that contains the encrypted field whose key you want to change from the Entities service.
  3. Under the Fields tab, double-click the name of the encrypted field to open the Fields record.
  4. Click the Options tab.
  5. Enter the new key in the Security Key field.
  6. Click OK to save changes and close the Fields record.
  7. Save and Close the entity record.

 

Changing the Security Key is actually a two-step process. First, Aptify decrypts the data using the old key, and then it re-encrypts the data with the new key. This process affects all records in the entity and may take some time depending on the number of records. To minimize potential conflict with users who are entering data into the system, Aptify recommends that you only perform encryption and decryption operations after hours when no one is using the system.


Disabling Field Level Encryption

Follow these steps to disable field level encryption:

  1. Within the Entities service, open the entity that contains the field that has encryption enabled.
  2. Under the Fields tab, double-click the field for which you want to disable encryption to open the Fields record.
  3. Click the Options tab.
  4. Clear the Encrypt Data option.
  5. Click OK to save changes and close the fields record.
  6. Save and Close the entity record.

Aptify will decrypt the specified field in all existing records. This process may take some time depending on the number of records. To minimize potential conflicts with users who are entering data into the system, Aptify recommends that you only perform encryption and decryption operations after hours when no one is using the system.


About the Field Level Encryption Implementation

Aptify uses the Cryptographic Services included with Microsoft .NET Framework 2.0 to encrypt and decrypt data files. The AptifySecurityKey assembly implements the Rijndael symmetric encryption algorithm by default, but also supports the Data Encryption Standard (DES) algorithm for backwards compatibility (version 3.5 used a DES implementation).

See http://msdn2.microsoft.com/en-us/library/93bskf9z.aspx for information on the .NET Framework's cryptography model.
