Understanding the Encryption Framework

The Encryption Framework provides pages for identifying sensitive information in applications and an application engine (AE) process that encrypts and masks sensitive data that is stored in the database.

The following table shows how data values stored in the database change after the encryption process is run. In this example, the encryption process encrypts the value of the ACCOUNT_NUM field in the DIR_DEP_DISTRIB record for Payroll for North America.

After the encryption process is run successfully, the ACCOUNT_NUM field stores the masked account number, and the PY_BANKACCCRYPT field (which was added to the record to store the encrypted value) stores the encrypted account number.

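| Encryption Run | Source Record Field (Example: DIR_DEP_DISTRIB) | Value                    |
|----------------|------------------------------------------------|--------------------------|
| Before         | ACCOUNT_NUM                                    | 1234567890               |
| Before         | PY_BANKACCCRYPT (new field)                    | [blank]                  |
| After          | ACCOUNT_NUM                                    | XXXXXX7890               |
| After          | PY_BANKACCCRYPT (new field)                    | 9WwdDcA3l/uYpYKM+uSmsw== |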

Note: After encryption is run, the encrypted bank account numbers stored in the database can't be viewed on any delivered online page. The masking of account numbers on online pages is controlled by the Direct Deposit options on the Payroll for NA Installation page. Refer to the Direct Deposit Installation Options and Data Masking topic for more information.

To comply with Nacha’s data security requirements, which request that deposit account information be rendered unreadable when it is stored electronically, Global Payroll for United States, Payroll for North America, and Payroll Interface leverage the Encryption Framework to encrypt and mask bank account numbers in the database.

Note: After encryption is run on a source record, all future additions, updates, and changes are encrypted automatically. For instance, when an employee adds new direct deposit data after the encryption process is run, the account number stored in the database is automatically encrypted and masked. You only need to run the encryption once per source record.
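A database-level check of the before and after states in the table above, as an added example that is not PeopleSoft code: it flags rows of a source record that still hold an unmasked value or lack an encrypted value. The in-memory SQLite table, the EMPLID column, the function names, and the mask pattern (X characters followed by up to four visible characters, inferred from XXXXXX7890) are assumptions, and the rows are constructed.

```python
import base64
import binascii
import re
import sqlite3

# Assumed mask shape, inferred from the page's example XXXXXX7890:
# one or more X characters, then at most four visible characters.
MASKED = re.compile(r"X+[0-9A-Za-z]{0,4}")

def audit_source_record(conn, table, masked_field, crypt_field):
    """Return (rowid, reason) for rows not in the post-encryption state."""
    findings = []
    # Identifiers come from the auditor's own setup, never from user input.
    query = (f"SELECT rowid, {masked_field}, {crypt_field} "
             f"FROM {table} ORDER BY rowid")
    for rowid, masked, crypt in conn.execute(query):
        if not MASKED.fullmatch(masked or ""):
            findings.append((rowid, "value not masked"))
        try:
            raw = base64.b64decode((crypt or "").strip(), validate=True)
        except (binascii.Error, ValueError):
            raw = b""
        if not raw:
            findings.append((rowid, "encrypted field blank or not base64"))
    return findings

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE DIR_DEP_DISTRIB "
                 "(EMPLID TEXT, ACCOUNT_NUM TEXT, PY_BANKACCCRYPT TEXT)")
    rows = [  # constructed rows; the first reuses the values in the page's table
        ("E001", "XXXXXX7890", "9WwdDcA3l/uYpYKM+uSmsw=="),
        ("E002", "1234567890", " "),            # never encrypted
        ("E003", "XXXXX4321", "not base64!"),   # masked, ciphertext damaged
    ]
    conn.executemany("INSERT INTO DIR_DEP_DISTRIB VALUES (?, ?, ?)", rows)
    return audit_source_record(conn, "DIR_DEP_DISTRIB",
                               "ACCOUNT_NUM", "PY_BANKACCCRYPT")

if __name__ == "__main__":
    for rowid, reason in demo():
        print(rowid, reason)
```

The check only confirms the shape of the stored values; it does not decrypt anything or confirm that the encrypted value corresponds to the masked one.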

The framework provides robust setup options to meet your data encryption requirements. Use the setup component to:

  • Define source records, which are the “source of truth” records that store and maintain the sensitive data in the database.

    After the encryption process is run, the source record stores the sensitive data in masked form, and stores its encrypted value in the new field that was added to the source record to hold encrypted data.

  • Determine whether the encryption applies to all data or to a country-specific set of data in a source record.

  • Grant role-based access to administrative users who need to view the unmasked data, if applicable.

  • Define process records to map with application batch processes that require data to be unmasked in outputs, if applicable.

    See Also Batch Process Mapping and Process Records.

  • Clean up staging tables that may contain unmasked or decrypted data.

See Also Setting Up the Encryption Framework.

The Encryption Framework delivers the Manage Encryption and Masking (HCCRYPTAE) AE process to encrypt and mask data in the HCM system. The run control page provides options to:

  • Encrypt or decrypt data in source records based on the current encryption status.

  • Mask or unmask data in process records, if available, that are defined for source records.

See Also Manage Encryption and Masking Page.

Some batch processes are required to display the actual values of the sensitive data in their outputs (report files or pages). For example, the account numbers that appear in direct deposit transmit files created by the DDP001 process in Payroll for North America need to be unmasked.

The Encryption Framework supports the unmasking of data to be used in the outputs of batch processes in applications. Setup includes:

  • Defining the process record. This step defines an association between a source record (which stores the encrypted data) and the process record (which stores the masked data by deriving it from its source record).

  • Mapping the application batch process. This step maps the application batch process that is required to display unmasked data in its outputs to a source record (from which the encrypted data is retrieved) and a source staging record (from which the data unmasking occurs).

During the application batch process run, the framework copies the required data from the source record over to the source staging record for decryption. The framework process also copies the required data from the process record over to the process staging record. After that, the framework process unmasks the data in the process staging record using the decrypted data in the source staging record. The application batch process can then retrieve the actual values of the sensitive data for use in its outputs.

See Also Define Process Records Page and Map Batch Processes Page.