Things to Consider Before Running Encryption

The encryption (or decryption) process for the bank account numbers should only be run when users are not allowed to access or update the bank account numbers in the database.

In most cases, the encryption process needs to be run only once unless there is compelling reason to do so again later (for example, changing to a new encryption profile). While it is not practical to prevent users from accessing the system during the encryption run, there are certain pages, processes, and programs from which users must be locked out in order to prevent inconsistent or unpredictable outcomes. They are:

Pages:

• Employee Self-Service Direct Deposit page.

• Administer Request Direct Deposit page.

• Deduction Distribution Information page from the Garnishment Spec Data 6 page (U.S.).

• Source Banks Account page.

• (USF) Employee Deduction Distribution page from the Create General Deductions page.

• (USF) Distribution Information page from the Voluntary Deductions page (employee self-service page).

• (USF) Deduction Distribution information page from the General Deduction Distribution page.

• (USF) GVT Employee Distribution page from the Garnishment Payee Table page.

• (USF) Deduction Distribution Information page from the Garnishment Spec2 page.

• (USF) State Tax Routing 1 page.

• (USF) Locality Tax Routing 1 page.

Batch processes: The Confirm process.

Programs that access account details: DDP001, DDP001CN, DDP002, DDP003, DDP003CN, DDP004, DDP005, DDP006, FGPY040, FGPY041, PAY003, PAY003CN, PAY040, PY_DIRDEP, and TAX870EU.