Configuring Automatic Field Encryption in eCatalog


Customizing Data Security at the Field Level:

Automatic Field Encryption is a powerful feature in eCatalog designed to enhance data protection by encrypting sensitive information stored in database fields. This configuration allows administrators to specifically target and secure data that is critical or sensitive without impacting other database operations.


Detailed Configuration Steps:


  • Selecting the Target Data Source and Table:
    Data Source/Table Selection: Administrators begin by identifying and selecting the data source and specific table within eCatalog where the encryption will be applied. This step is crucial for defining the scope of encryption
  • Defining Properties to Encrypt:
    Property Specification: Within the chosen table, administrators must specify which properties (fields) need encryption. For the encryption process to be applicable, these fields should be of string, nvarchar, or varchar data types and must have a minimum size of 500 bytes to ensure adequate space for encrypted data.
    Example Setting: In a practical scenario, if an administrator wants to encrypt the "Discipline" field in the "Demo_Appointment" table, they would specify this field under the property settings.
  • Choosing the Encryption Provider:
    Encryption Provider Selection: Administrators select the encryption provider from a list of available options. This choice determines the encryption algorithm and method used, such as AES, RSA, or any custom encryption service configured within eCatalog.

    Provider Capabilities: Each encryption provider might offer different levels of security, performance implications, and compliance with various standards, so choosing the right provider is essential for meeting specific security objectives.


Benefits of Precise Field Encryption Configuration:


  • Targeted Security
    By encrypting only specific fields, eCatalog allows for efficient use of resources, ensuring that encryption does not unnecessarily burden the system while still protecting critical data.
  • Compliance and Flexibility
    This feature supports compliance with privacy laws and regulations that require protection of personal or sensitive data, offering flexibility in how compliance is achieved.
  • Seamless User Experience: 
    Since the encryption operates at the field level within the database, the user experience remains unaffected. Users interact with the system as usual, unaware of the underlying security measures protecting the data they input.


Best Practices for Field Encryption Setup:


  • Regular Updates
    Regularly review and update the encryption settings to adapt to new security challenges or changes in regulatory requirements.
  • Encryption Key Management
    Ensure that encryption keys are managed securely, with access controls and key rotation policies in place to prevent unauthorized access.
  • Performance Considerations
    Monitor the performance impact of encryption, especially if applying it to fields in high-use tables, and adjust configurations as needed to balance security and system efficiency.