Skip to main content

Encrypting the values of sensitive properties

Suggest edit
Updated on July 1, 2021

In the HRApp application, ensure that the Social Security number and salary properties are encrypted in all Pega Platform data stores (the database and Elasticsearch index files, in memory, and on the clipboard). Ensure that they are decrypted only when they are displayed in the user interface.

Before you begin: Complete the following steps:
  1. An encryption key is defined in a key management system (KMS) outside of Pega Platform.
  2. A keystore instance is defined in Pega Platform that refers to the encryption key.
  3. The Keystore field in the Application data encryption section of the Data Encryption landing page refers to the keystore in step 2, and the Activate button has been clicked to activate the keystore.
  4. In the Employee class, a property named SSN defines the employee’s Social Security number and a property named Salary defines the employee’s salary.
Do these steps to ensure that the SSN and Salary properties are encrypted in all data stores, in memory, and on the clipboard. You can combine property encryption with property masking.
  1. In Dev Studio, create an access control policy for an Apply to class equal to Employee and Action equal to PropertyEncrypt.
  2. Click Add property and in the Property field, enter SSN.
  3. Click Add property and in the Property field, enter Salary.
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us