Cinchy Platform Documentation
Search…
Cinchy v4.0.0
Cinchy Guides
API Guide
Deployment Guide
Enable Data At Rest Encryption
How to enable and other information in relation to REST Encryption
Cinchy 2.0 has added the feature to encrypt data at rest. This means that you can encrypt data in the database such that users with access to view data in the database will see ciphertext in those columns. However, all users with authorized access to the data via Cinchy will see the data as plain text.
In order to use this feature, your database administrator will be need to create a database master key (see below for instructions).
Create Master Key in Database
Connect directly to the database Cinchy is currently using.
Run the below query to create your master key - password to be used should adhere to your organization's password policy.
1
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password';
Copied!
You can now encrypt data via the user interface
Now Encryption option is available for column types supported via UI.
Backup Master Key
After you have created your master key you can create a backup file of that key in case any data corruption occurs in future. You will need the password you used to create your master key in order to complete this operation.
1
BACKUP MASTER KEY TO FILE = 'path_to_file'
2
ENCRYPTION BY PASSWORD = 'password'
Copied!
Restore Master Key
In the use case where you require to restore your master key due to data corruption use the command below to do so. You will need the password you used to create you master key in order to complete this operation.
1
RESTORE MASTER KEY FROM FILE = 'path_to_file'
2
DECRYPTION BY PASSWORD = 'password'
3
ENCRYPTION BY PASSWORD = 'password'
4
[ FORCE ]
Copied!
Last modified 3yr ago
Copy link