Things to Consider Before Running Encryption

The encryption (or decryption) process for the bank account numbers should only be run when users are not allowed to access or update the bank account numbers in the database.

In most cases, the encryption process needs to be run only once unless there is compelling reason to do so again later (for example, changing to a new encryption profile). While it is not practical to prevent users from accessing the system during the encryption run, there are certain pages, and processes from which users must be locked out in order to prevent inconsistent or unpredictable outcomes. The pages and processes are:

• Employee Self-Service Direct Deposit page.

• Administer Request Direct Deposit page.

• Export processes.