Hi all,
I know Appian offers DB encryption for Advanced or Enterprise Support customers on cloud only. But what about on premise customers? Can they encrypt their database? As far as I know it is posssible but can you tell me how? Do we need to encrypt the data just before persisting it and decrypt it after reading it with some kind encryption/decryption rule? Or is it possible to use a more automated tool?
I would appreciate if someone could send documentation about it
Thanks a lot!
Discussion posts and replies are publicly visible
We need to talk about what kind of encryption you mean. File system, table space or field level?
De-/encryption inside Appian is awful and absolutely not recommended.
Appian itself does no know about encrypting data going to DB. Everything else is left to your IT department.
What requirements do you have?
Hi Stefan. The requirement here is to encrypt the DB. If the IT department encrypts the database, how do the appian processes know how to decrypt the data when a process reads it?
"encrypt the DB" is to unspecific ... sorry ... you will need to find out what the actual requirement is.
I think they mean that the data stored in the business schema is encrypted. I think they are worried about business data (sensitive data) stored in the database. Is that more specific or what else do we need to know?
Something like this https://docs.appian.com/suite/help/21.2/Appian_Cloud_Database_Encryption.html but for on premise customers.
Then this is table space encryption. Meaning that the DB encrypts files it writes to disk. Appian does not care about this as DB manages that on its own.
thanks Stephan, and how does it work? whenever we query data from the DB (either with a DB client or with an appian process) it comes unencrypted, but the data is stored in encrypted files?
DB will encrypt data is it writes to disk. You will need to keep an eye on who has access to these systems. Make sure to enable SSL on JDBC connection level to have data in transit also encrypted. Appian itself does not persist data by default.
If you want to use synced records, you might need to check who has access to the Appian data server.
Thanks Stefan, my concern was that when Appian accesses the data it is encrypted but I understand it is only encrypted in the file system, not the data returned by a query.