Encryption

Overview

Encryption is the reversible transformation of data from the original (plain text) to a difficult-to-interpret format (cipher text).

Permanent Data Store Encryption

Sensitive data in the Simphony database is encrypted using industry standard AES256 encryption. Each encrypted piece of data has a link to an entry in the encryption key table, which is also encrypted using AES256 encryption. Simphony provides an EMC Key Manager module to create, rotate, and delete encryption keys. All data that needs to be stored in the database in encrypted format is automatically encrypted using the latest encryption key.

Caution: If the encryption key is lost, the encrypted data in the database is unrecoverable. There are no backdoors!

Client Data Store Encryption

Workstation operations need to store a local copy of data that contains sensitive information, and that local copy must be encrypted. Because employees usually have full access to the workstation, the decryption key is not stored on the workstation; keeping it there would be a potential security risk.

Asymmetric encryption is used: the public key contained within the authentication token encrypts the data on the workstation, and only the database, which holds the corresponding private key, is able to decrypt the data during playback.
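The client data store design described above, as an added example written for this page (it is not Simphony code and does not use Simphony's formats): the workstation holds only the database's public key, so what it writes locally can be read back only at the database. Because RSA-OAEP can protect only a short value, the example is hybrid: each record is encrypted with a one-time AES-256-GCM key and only that key is wrapped with the public key. The key pair, the OAEP label and the sample record are all constructed for the example; how the real product carries the public key inside the authentication token is not modelled.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// label ties the wrapped key to this purpose; constructed, not a Simphony value.
var label = []byte("client-data-store")

// ClientRecord is what the workstation keeps locally: a one-time AES-256 key
// wrapped with the database's public key, and the AES-GCM ciphertext under it.
type ClientRecord struct {
	WrappedKey, Nonce, Ciphertext []byte
}

// Workstation holds only the public key carried in the authentication token.
type Workstation struct{ dbPublic *rsa.PublicKey }

// Database holds the matching private key and is the only party able to decrypt.
type Database struct{ private *rsa.PrivateKey }

// NewPair generates the database key pair and hands the workstation the public half.
func NewPair() (*Database, *Workstation, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	return &Database{private: priv}, &Workstation{dbPublic: &priv.PublicKey}, nil
}

// aead returns AES-256-GCM for a 32-byte key, the only length used here.
func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	return g
}

// Encrypt is hybrid: RSA-OAEP can only protect a short value, so the record is
// encrypted with a fresh symmetric key and only that key is wrapped with RSA.
// The workstation never holds anything that can unwrap it again.
func (w *Workstation) Encrypt(plaintext []byte) (*ClientRecord, error) {
	dataKey := make([]byte, 32)
	rand.Read(dataKey) // crypto/rand; a failure here is fatal in current Go
	nonce := make([]byte, 12)
	rand.Read(nonce)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, w.dbPublic, dataKey, label)
	if err != nil {
		return nil, err
	}
	ct := aead(dataKey).Seal(nil, nonce, plaintext, nil)
	return &ClientRecord{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Decrypt runs at the database during playback. GCM authentication also rejects
// a record whose ciphertext was altered while it sat on the workstation.
func (d *Database) Decrypt(rec *ClientRecord) ([]byte, error) {
	dataKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.private, rec.WrappedKey, label)
	if err != nil {
		return nil, err
	}
	return aead(dataKey).Open(nil, rec.Nonce, rec.Ciphertext, nil)
}

func main() {
	db, ws, err := NewPair()
	if err != nil {
		panic(err)
	}
	rec, _ := ws.Encrypt([]byte("constructed sample card number"))
	pt, err := db.Decrypt(rec)
	fmt.Printf("playback at the database: %s (err=%v)\n", pt, err)
	rec.Ciphertext[0] ^= 1 // simulate modification of the local copy
	_, err = db.Decrypt(rec)
	fmt.Println("after local tampering:", err)
}
```

The point to take from the layout is the asymmetry: nothing on the workstation side, not even full administrative access to it, yields the private key, and the authenticated cipher makes a modified local copy fail at playback instead of decrypting to garbage.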

Encrypting Data Transmission

Simphony supports the HTTPS protocol for secure data communication. The TLS 1.2 configuration process requires a certificate generated by a trusted certificate authority. Refer to the Simphony Installation Guide for information about installing secure certificates.

Key Manager

The EMC Key Manager module allows the database encryption pass phrase, the transmission key and the integrity keys to be changed. The database encryption pass phrase is used to encrypt secure data (for example, credit card numbers) in the database; its value can be defined based on site security needs. The transmission key is the encryption scheme for network traffic; this key is not user-defined. The integrity keys are used to ensure that certain sensitive files that are transmitted to workstations have not been tampered with in transit or at rest.
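What an integrity key buys, as an added example that is not Simphony's code and does not reproduce its file formats or key lengths: a keyed tag (HMAC-SHA256 here) is computed over a file before it is sent to a workstation and re-checked afterwards, so any change in transit or at rest is detected. The example also covers the rotation case from the Key Manager description: moving files to a new integrity key only after they verify under the old one. The key values, file name and file content are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Sign computes an HMAC-SHA256 tag over the file's name and content. Binding
// the name (with a separator byte) stops a valid tag for one file from being
// presented together with another file's content.
func Sign(integrityKey []byte, name string, content []byte) []byte {
	m := hmac.New(sha256.New, integrityKey)
	m.Write([]byte(name))
	m.Write([]byte{0})
	m.Write(content)
	return m.Sum(nil)
}

// Verify recomputes the tag and compares in constant time, so response timing
// does not reveal how many leading bytes of a presented tag were correct.
func Verify(integrityKey []byte, name string, content, tag []byte) bool {
	return hmac.Equal(Sign(integrityKey, name, content), tag)
}

// Resign moves a file to a new integrity key during rotation. It refuses to
// re-sign anything that does not verify under the old key, so a file altered
// before the rotation cannot come out of it carrying a valid tag.
func Resign(oldKey, newKey []byte, name string, content, oldTag []byte) ([]byte, error) {
	if !Verify(oldKey, name, content, oldTag) {
		return nil, errors.New("file does not verify under the old key; not re-signing")
	}
	return Sign(newKey, name, content), nil
}

func main() {
	key := []byte("constructed integrity key, not a Simphony value")
	content := []byte("PrinterTimeout=30\n") // constructed sample file
	tag := Sign(key, "workstation.ini", content)
	fmt.Println("untouched file:", Verify(key, "workstation.ini", content, tag))
	fmt.Println("edited in transit:", Verify(key, "workstation.ini", []byte("PrinterTimeout=0\n"), tag))
	fmt.Println("tag moved to another file:", Verify(key, "other.ini", content, tag))
	newKey := []byte("rotated integrity key")
	newTag, err := Resign(key, newKey, "workstation.ini", content, tag)
	fmt.Println("re-signed after rotation:", err == nil && Verify(newKey, "workstation.ini", content, newTag))
}
```

A tag only proves integrity to a party that holds the integrity key; it does not hide the file's content, which is why the page treats the integrity keys and the encryption pass phrase as separate things under the same Key Manager.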

Key Rotation Considerations

In order to achieve maximum security, Oracle Food and Beverage mandates that the system administrator regularly rotate the site’s keys, at least annually, and delete any old or compromised encryption keys. Simphony’s entire design of data encryption, key generation, and storage is built to facilitate such a practice. For more information, refer to About the Simphony Encryption Key Manager Module.

A privileged employee may conduct key rotation in the EMC at the Enterprise level, on the Tasks tab, Key Manager tab. To authorize an employee to access the Key Manager module, the Key Manager action must be enabled on the Actions tab of the EMC Roles module. Grant this authorization only to the site’s system administrator, who is familiar with the site’s management procedures and encryption key custodian duties.
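The encrypted key table from Permanent Data Store Encryption and the rotate-and-delete practice from Key Rotation Considerations, worked through as one added example. This is not Simphony code and does not reproduce its schema or key formats: every data key sits in the table wrapped under a master key, each stored record carries a link to the key that encrypted it, new writes always use the latest key, and deleting a key makes whatever is still linked to it unrecoverable, exactly the caution the page gives. The master key is assumed to be the output of a key derivation from the database pass phrase (the derivation itself is outside the example), AES-256-GCM is used for both layers, and the sample record is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// gcm returns AES-256-GCM for a 32-byte key, the only length used here.
func gcm(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	return g
}

// sealed is an AES-GCM ciphertext together with the random nonce it used.
type sealed struct{ nonce, ct []byte }

func seal(key, plaintext []byte) sealed {
	nonce := make([]byte, 12)
	rand.Read(nonce) // crypto/rand; a failure here is fatal in current Go
	return sealed{nonce, gcm(key).Seal(nil, nonce, plaintext, nil)}
}

// KeyTable mirrors the encrypted key table: each data key is stored wrapped
// under the master key, and new writes always use the latest key.
type KeyTable struct {
	master  []byte // assumed: the KDF output of the database pass phrase
	entries map[int]sealed
	latest  int
}

// Record is a stored sensitive value plus the link to the key that encrypted it.
type Record struct {
	KeyID int
	Data  sealed
}

func NewKeyTable(master []byte) *KeyTable {
	kt := &KeyTable{master: master, entries: map[int]sealed{}}
	kt.Rotate()
	return kt
}

// Rotate creates a new data key, wraps it under the master key and makes it current.
func (kt *KeyTable) Rotate() int {
	dataKey := make([]byte, 32)
	rand.Read(dataKey)
	kt.latest++
	kt.entries[kt.latest] = seal(kt.master, dataKey)
	return kt.latest
}

// Delete retires a key; records still linked to it become unrecoverable (no
// backdoor), so re-encrypt them first. The current key is never deleted.
func (kt *KeyTable) Delete(id int) error {
	if id == kt.latest {
		return errors.New("cannot delete the current key")
	}
	delete(kt.entries, id)
	return nil
}

func (kt *KeyTable) dataKey(id int) ([]byte, error) {
	e, ok := kt.entries[id]
	if !ok {
		return nil, fmt.Errorf("key %d no longer exists; its data is unrecoverable", id)
	}
	return gcm(kt.master).Open(nil, e.nonce, e.ct, nil)
}

// Encrypt always uses the latest key; Decrypt follows the record's key link,
// so data written before a rotation stays readable until its key is deleted.
func (kt *KeyTable) Encrypt(plaintext []byte) (*Record, error) {
	k, err := kt.dataKey(kt.latest)
	if err != nil {
		return nil, err
	}
	return &Record{KeyID: kt.latest, Data: seal(k, plaintext)}, nil
}

func (kt *KeyTable) Decrypt(r *Record) ([]byte, error) {
	k, err := kt.dataKey(r.KeyID)
	if err != nil {
		return nil, err
	}
	return gcm(k).Open(nil, r.Data.nonce, r.Data.ct, nil)
}

func main() {
	kt := NewKeyTable(make([]byte, 32)) // all-zero master: constructed demo value only
	rec, _ := kt.Encrypt([]byte("constructed sample card number"))
	kt.Rotate()                   // annual rotation: new writes now use key 2
	pt, _ := kt.Decrypt(rec)      // key 1 still decrypts via the record's link
	migrated, _ := kt.Encrypt(pt) // re-encrypt under key 2 before retiring key 1
	fmt.Println("delete key 1:", kt.Delete(rec.KeyID))
	pt, _ = kt.Decrypt(migrated)
	fmt.Printf("migrated record (key %d): %s\n", migrated.KeyID, pt)
}
```

The order in main is the operational point: rotate, re-encrypt everything still linked to the old key, and only then delete it. Deleting first leaves records whose key link points at nothing, which is the unrecoverable state the caution earlier on this page describes; losing the master key has the same effect on every key in the table at once.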

Enabling

For detailed instructions about enabling the Key Manager Module and secure key practices, see Appendix C: Key Manager Manual.