Encrypting customer information in commerce database


Hi,

I am trying to find the best approach regarding encryption of customer information in the commerce database (name, email, phone number, shipping address, billing address)?

Basically, someone owning a backup of the commerce database should not be allowed to access any customer information.

  • Is EPiServer offering any support for encrypting sensitive customer information?
  • Would you recommend encrypting the email address, given that it's linked to the username and therefore to the CMS database?

Thank you,

Roxana

#116099
Jan 23, 2015 9:35

For the first question, the Commerce database can use SQL Server encryption to encrypt/decrypt data. One example is the credit card information, which is encrypted by default.

Unfortunately, using encryption means your database will not be Azure-compatible (because SQL Azure does not support encryption), and there's no easy way to indicate that a specific piece of customer information is encrypted (unlike the encryption option for metafields, where you only need to turn on the value when you create it).

I think the simpler way for you is to extend the CustomerContact class and use encryption at the application level, instead of using database-level encryption.

Regards.

/Q

#116167
Jan 26, 2015 7:41

Hello Quan,

Thank you for your response. I was also thinking about using the application level encryption, though I was wondering whether EPiServer offers any support (aside from the metafield encryption).

Thank you,

Roxana

#116172
Jan 26, 2015 9:48

You could use the MachineKey.Protect() method for this.

Frederik

#116405
Edited, Jan 29, 2015 16:33
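The following is an added example, not code from the thread or from EPiServer/Optimizely, that puts together the two suggestions above: application-level encryption of contact fields (Quan's reply) using `MachineKey.Protect()`/`MachineKey.Unprotect()` (Frederik's reply). It also addresses the original question about the email address: the email is stored encrypted, and a separate keyed hash (HMAC) is stored beside it so the contact can still be found by email without the plaintext ever being in the database. The class name `ContactFieldProtector`, the purpose string, the helper `EmailLookupToken` and the way the HMAC key is loaded are assumptions of this example; `MachineKey.Protect`/`Unprotect` are the real ASP.NET 4.5+ APIs in `System.Web.Security`.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web.Security;   // MachineKey (System.Web.dll, ASP.NET 4.5+)

// Added example: wraps MachineKey so individual CustomerContact properties
// (name, phone, address, email) can be stored encrypted at rest.
public static class ContactFieldProtector
{
    // A "purpose" binds the ciphertext to this use: data protected under one
    // purpose cannot be unprotected under another, so a value copied from one
    // column cannot be presented as a different field. (Name chosen for this example.)
    private const string Purpose = "Commerce.CustomerContact.PII";

    // Encrypt + authenticate a field value. The result is Base64 so it fits in
    // the existing nvarchar column of the contact table.
    public static string Protect(string plaintext)
    {
        if (string.IsNullOrEmpty(plaintext)) return plaintext;
        byte[] raw = Encoding.UTF8.GetBytes(plaintext);
        byte[] sealedBytes = MachineKey.Protect(raw, Purpose);
        return Convert.ToBase64String(sealedBytes);
    }

    // Reverse of Protect. Throws CryptographicException if the stored value was
    // modified, or was produced under different machineKey settings or purpose.
    public static string Unprotect(string stored)
    {
        if (string.IsNullOrEmpty(stored)) return stored;
        byte[] sealedBytes = Convert.FromBase64String(stored);
        byte[] raw = MachineKey.Unprotect(sealedBytes, Purpose);
        return Encoding.UTF8.GetString(raw);
    }

    // Deterministic, keyed lookup token for the email address. Lets the site
    // find a contact by email (login, "forgot password") while the email itself
    // stays encrypted. The HMAC key is assumed to be loaded from protected
    // configuration, never hard-coded; it must be the same on every web server.
    public static string EmailLookupToken(string email, byte[] hmacKey)
    {
        if (email == null) throw new ArgumentNullException("email");
        if (hmacKey == null || hmacKey.Length < 32)
            throw new ArgumentException("HMAC key must be at least 256 bits", "hmacKey");

        // Normalise so "Roxana@Example.com" and "roxana@example.com" match.
        string canonical = email.Trim().ToLowerInvariant();
        using (var hmac = new HMACSHA256(hmacKey))
        {
            byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(canonical));
            return Convert.ToBase64String(mac);
        }
    }
}

// Illustrative usage (hypothetical contact object; EPiServer's own CustomerContact
// API is not reproduced here). Store the protected values and the lookup token;
// never store the plaintext email alongside them.
public class ContactStorageExample
{
    public static void Save(string firstName, string email, string phone, byte[] hmacKey)
    {
        string storedFirstName = ContactFieldProtector.Protect(firstName);
        string storedEmail     = ContactFieldProtector.Protect(email);
        string storedPhone     = ContactFieldProtector.Protect(phone);
        string emailToken      = ContactFieldProtector.EmailLookupToken(email, hmacKey);

        // ... persist storedFirstName, storedEmail, storedPhone, emailToken ...
        // To find the contact later: query on emailToken, then Unprotect the fields.
        Console.WriteLine("first name: " + ContactFieldProtector.Unprotect(storedFirstName));
        Console.WriteLine("email: " + ContactFieldProtector.Unprotect(storedEmail));
        Console.WriteLine("phone: " + ContactFieldProtector.Unprotect(storedPhone));
    }
}
```

Two points a practitioner should check before relying on this. First, `MachineKey.Protect` uses the keys from the `<machineKey>` element in web.config; with the default auto-generated keys each server produces different, mutually unreadable ciphertext, so explicit `validationKey`/`decryptionKey` values must be configured and kept identical on every web server. Because those keys live in the web tier and not in the database, a copy of the database backup alone does not reveal the fields, which is exactly the threat the question describes; the web.config (or its protected-configuration key) then becomes the secret to guard. Second, rotating the machine key makes every existing value unreadable, so plan a re-encryption job before changing it, and remember that encrypted columns cannot be searched or sorted directly, which is why the email gets a separate lookup token.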