Confidential / restricted data

Confidential / restricted data

We have a requirement to separate confidential/restricted data elements from the other entity's attribute.

For example: account balance, address, social security #/ID, should not be stored together.

I am looking for ideas for how people handled such requirement (outsourced that data storage, separate tables, encryption, etc.)

Any ideas are welcomed.


Hi Chaim:

There are several ways to address that issue that I can think of:

- One way encryption/hashing - for elements that are only used for validation, one thing you can do is use the Encrypt built-in function that generates a hash and then allows you to compare with it every time the use enters it.

- Reversible encryption - for elements that need to be stored securely but then retrieved you can use the crypto extension that comes with enterprise manager to have a strong encryption before sending them to the database. This prevents you from searching on that field too.

- Separate Espaces -  depending on the edition you have on the platform you are able to allow only certain developers to reference certain espaces. In this case you can make segregate sensitive data to an espace that has restricted access.

- Data segregation - You can store the information on an external source and access it via a direct connector or webservices.