Data Encryption
Allow option to have bizform and custom table data be stored in an encrypted format.
anonymous
shared this idea
Hello
Have you considered native encryption at the SQL Server?
18 comments
-
John Fecteau
commented
Any update on this?
Lacking field level encryption has really limited what we can/can't do with Custom Forms. And have now had to start exploring alternatives due to business needs.
-
Jonathan Healey
commented
TDE is fine where customers are on Windows Azure or already have SQL Enterprise licencing. In most circumstances if the customer is already committed to SQL Standard edition the cost of upgrading is prohibitive. This feature is a good candidate to only be available in EMS edition. For customers who need it upgrading from a lower licence edition would always be cheaper than any other option available to them
-
Anonymous
commented
sd
-
Anonymous
commented
as per US law we need to store data Encrypt data in DB
this should be in kentico. biz form -
Hi,
Have you considered native encryption at the SQL Server?
See https://www.youtube.com/watch?v=oHmz5q0YtD8
Would that work for you?
-
Dave Nelson
commented
We also require field level encryption for sensitive data, today we solve this by not using Kentico for our forms that contain personal information. It would be fantastic to have a checkbox in the Field Editor to encrypt particular fields.
-
craig
commented
With more and more cyber attacks making main headline news I find customers increasingly asking more about personal data security and encryption...I can only see it becoming a standard requirement in not so distant future. Defo worth pushing for in bizforms at least
-
Jason Sherrill
commented
Dominik,
We went the route of building our module to handle encryption of BIzForm fields so it's not as critical now, but it would still be a valuable addition to Kentico as a core feature given the security climate.
-
Hi Jason,
unfortunately, this feature will not make it to Kentico 9. We will consider to add it in the next release. -
Jason Sherrill
commented
I'm curious where this stands and if there are any plans to implement this?
-
Hi Jason,
I did not realize that sometimes you don't have access to SQL server, now it makes totally sense to have it supported on Kentico level. Thanks for the explanation! -
Jason Sherrill
commented
Dominik,
When build the forms outside of Kentico using a separate .NET encryption component that provides AES encryption.
In Kentico v6, we had used a beta component that Kentico was working on and had good results with it. We have updated the Kentico component for use in v8.1, but given that it's beta, we are limited in the projects where we can use it.
Whole db encryption is an option with some projects, but not as versatile given that we don't always have control over the SQL environment on projects. It would be a far better option for us and our clients to have the beta component go RTM in the Kentico product.
Thanks!
-
Hi Jason,
thank you for the comment about urgency of this functionality. I have one question, how do you solve it today if there is such requirement? Do you use different system than Kentico? What about transparent data encryption which is part of the SQL server, can you use this solution? If not, can you please tell me, why does it not cover your needs? -
Jason Sherrill
commented
With data encryption not only a growing wish among customers, but in more & more industries a mandated compliance requirement, the lack of a data encryption component for forms that collect customer data is becoming a sales hurdle this year for customers considering Kentico.
-
Aaron Newton
commented
I would like to see this for custom table data as well.
-
Hi,
first of all - yes, it is planned but unfortunately there are still other requirements which have simple higher value for us and our customers (you can achieve this on database level for example).Our plan is to support any type of data within the Kentico CMS so your scenario should be covered as well.
-
John Bubriski
commented
It would be interesting to know how this is going to be implemented as well.
-
David Bohner
commented
I would like to expand this feature to include custom Document Type data. Looks like this has been talked about for years, but is it actually planned?
