Understanding the Encryption of Sensitive Data

Posted: September 30, 2010

A new function was added to Publishers' Assistant Version 5.1 to encrypt sensitive data. This includes the credit card account number field in the receipt and customer profile screens, as well as the federal ID number in the contact screen. These fields are encrypted when you store the record to the database. The field on the screen actually presents the encrypted data until your cursor enters the field. That is intended to keep prying eyes away as well. This new function is a step toward better security for this sensitive data, should someone with malicious intent get a copy of your database.

In order to use this new function, you need to take the step of encrypting your existing data. Make sure that you have registered your copy of Publishers' Assistant. An unregistered copy will not encrypt sensitive data. That, of course, should be a clue that your encryption is tied to your registration. Thus, one PubAssist user will not be able to decrypt another PubAssist database.

To begin the process, choose "Tools>System Maintenance>Encrypt Sensitive Data" on the PubAssist menu.

Screen shot of "Encrypt Sensitive Data" menu selection and screen.

The Encryption screen will be launched. Click on the "Begin Encryption" button to begin the process. It will take a few minutes to run.

Now, when you enter a screen with sensitive data, like the receipt screen, the sensitive data will be encrypted.

Screen shots of Receipt screen.

Note that when your cursor enters the credit card field, the account number is decrypted. You can edit the content as usual. When you exit the field, it will immediately be re-encrypted. Similar encryption fields have been implemented on the Customer Profile screen and on the Contact screen.

The Encryption function has no way of telling whether the value of a field has already been encrypted. So, you will want to take care not to use the Encrypt Sensitive Data function more than once. If this happens, you can run the "Decrypt Sensitive Data" to get back to the previous encryption.

This is a good time to stress the importance of backing up your data prior to running the Encryption or Decryption functions.

Since the encryption function can't tell whether the data has previously been encrypted, an external mechanism is needed to indicate the state of your encryption. So, a System-Wide Option has been added.

The Encryption option in the System-Wide Options screen.

(Note: This option was not actually implemented until Version 5.1b.)

You may need to manually set this option on or off if your encryption state is out of synch'. This might happen, for example, if you restore a non-encrypted database after Encrypting Sensitive Data, or vise-versa.

Note as well that the Invoice report form has recently been updated to decrypt the "masked" credit card information in the payment information box. There are a couple of other reports that present credit card information. No change has been made to these reports as of this writing. It's not completely clear whether these reports are still in active use. It's also not completely clear how these situations should be handled. So, I'm taking a wait-and-see attitude.

A sample invoice report with credit card payment information.

Well, that's about it. I hope this new function helps our users rest a little easier about the sensitive data you may have in your PubAssist database.