Set Up Database Encryption
|
Access this form with Administrative user rights using Security>Set Up Database Encryption. It is only available if the Advanced Security module is installed and if your data is stored on SQL 2008 R2 or higher. |
Use this form to encrypt sensitive information stored in your database, such as Social Security Numbers, Tax Identification Numbers, Driver's License Numbers, State-Issued Identification Card Numbers, and Financial Account Information. The purpose of this feature is to keep personal and financial information safe by removing it if the system database is compromised. In the event of disaster recovery, you will need the Enable and Backup Passwords to recreate the server environment, along with the MIPServiceMasterKey.BAK file and the most up-to-date backup of the organization's system database. Without these, the encrypted data is lost and there is nothing that MIP can do to remedy the situation. It is essential to store the MIPServiceMasterKey.BAK file and passwords someplace safe as well as keep regular backups of the organization's system database.
- Open the Set Up Organization Menus form, with Administrative user rights using Security>Set Up Organization Menus, to set up security rights for a user or group in the active organization and assign the rights to the Set Up Database Encryption form.
- Highlight the Set Up Database Encryption menu selection in the Set Up Menus box (located by expanding Accounting and Security), then select the Process Records check box to grant the user or group (depending on what was selected in the Type box) to perform processing rights.
- Click the Save button and close this form.
- Close the active organization.
- Open the organization and log on as the user that was given processing rights in the first step.
- Open the Set Up Database Encryption form using Security>Set Up Database Encryption. This form is not available when the default User Admin is logged on to the organization's MIP Fund Accounting system.
- Open the organization and log on as a user with processing rights. The Set Up Database Encryption form is not available when the default User Admin is logged on to the organization's MIP Fund Accounting system.
- Open the Set Up Database Encryption form using Security>Set Up Database Encryption.
- Verify that the top of the form displays: Database encryption is disabled.
- Click the Enable button to encrypt sensitive information in the organization's system database using a symmetric key.
- Enter a strong Password.
- Enter the strong Password again in the Confirm Password field.
- The Enable Encryption process form displays.
- Click the Finish button when the Enable Encryption process has completed successfully.
- Click the Backup button to manage the Service Master Key by creating a backup.
- Enter another strong.
- Enter the strong password again in the Confirm Password field.
- Locate and copy the MIPServiceMasterKey.BAK file to removable media and store it in a secure off-site location.
- Once you have enabled encryption, you will be responsible for keeping the passwords and MIPServiceMasterKey.BAK file safe and the organization's system database regularly backed up. If the encrypted data is lost, there is nothing that MIP can do to remedy the situation.
If you migrate or move the organization's system database from the server installation to another computer, you can restore the Service Master Key to regain access to encrypted sensitive information.
- Install the MIP Fund Accounting software on the server.
- Restore the latest organization system database to the new computer.
- Be sure that the MIPServiceMasterKey.BAK is installed on the new computer.
- Open the organization and log on as a user with processing rights. The Set Up Database Encryption form is not available when the default User Admin is logged on to the organization's MIP Fund Accounting system.
- Open the Set Up Database Encryption form using Security>Set Up Database Encryption.
- Click the Restore button to regain access to encrypted sensitive information.
- Enter the Enable Password
- Enter the Backup Password
- Return to work as normal.
Accounts Payable Users
If your organization's system database is compromised and you do not have pre-printed checks*, you will not be able to process checks until all of the sensitive information is manually re-entered.
* You should be able to print your Accounts Payable and Payroll checks if you have pre-printed check stock that contains your bank account numbers and routing numbers.
Accounts Receivable Users
If your organization's system database is compromised, you will not be able to process invoices until all of the sensitive information is manually re-entered.
Direct Deposit Users
If your organization's system database is compromised, you will not be able to create a direct deposit banking file when processing payroll until all of the sensitive information is manually re-entered.
Electronic Funds Transfer for A/P Users
If your organization's system database is compromised, you will not be able to send electronic payment information (NACHA formatted file) to the bank when processing Accounts Payable invoices until all of the sensitive information is manually re-entered.
Forms Designer Users
If your organization's system database is compromised, you will not be able to print forms that contains any of the sensitive information.
Payroll UsersIf your organization's system database is compromised and you do not have pre-printed checks*, you will not be able to process payroll checks until all of the sensitive information is manually re-entered.
* You should be able to print your Accounts Payable and Payroll checks if you have pre-printed check stock that contains your bank account numbers and routing numbers.
Sensitive information is defined as magnetic stripe data, validation codes/values and PIN data.
Protected/Personal data is defined as first name and last name, or first initial and last name in combination with any one or more of the following:
- Social Security Number
- Tax Identification Number
- Driver's License Number
- State-issued Identification Card Number
- Financial Account Information with or without any required codes that would permit access to financial information includes;
- Credit Card Number, PAN (primary account number), and Expiration Date
- Debit Card Number, PAN (primary account number), and Expiration Date
- Bank Account Numbers
- etc.
Enable: Select this button to encrypt sensitive information stored in your database. Sensitive information includes Social Security Number, Tax Identification Number, Driver's License Number, State-issued Identification Card Number, Bank Account Numbers, Credit Card Number, Credit Card PAN (primary account number), and Credit Card Expiration Date, and Debit Card Number, Debit Card PAN, and Debit Card Expiration Date. In the event your database is compromised, the sensitive data in the tables will be unreadable. See above for more information about Sensitive information.
Password requirements:
- Include at least one uppercase and one lowercase letter
- Include at least one number
- Cannot contain spaces at the beginning or end
- Cannot be one of the last 6 passwords used
The system will encrypt all the modules that contain sensitive information. Click Finish to complete the Enable process. The message at the top of the form displays: Database encryption is enabled.
Be sure to record this password and store it in a safe off-site location. This password will be required if you ever need to restore your data to a new instance of SQL Server.
Disable: Select this button to reverse the encryption process. Sensitive information will again be easily readable in your database tables. The message at the top of the form displays: Database encryption is disabled.
Backup: Select this button to create an encrypted copy of your Service Master Key. The Service Master Key is the root of the SQL Server encryption hierarchy. It is important to locate the MIPServiceMasterKey.BAK file, copy it to removable media, and store it in a secure off-site location, such as a safe deposit box. This information is required to restore full functionality to your encrypted database in the event of a major system change. Without it, your sensitive encrypted information will be lost. If lost, you will have to manually re-enter all of your sensitive information again. See above for more information about Sensitive information.
Password requirements:
- Include at least one uppercase and one lowercase letter
- Include at least one number
- Cannot contain spaces at the beginning or end
- Cannot be one of the last 6 passwords used
This password will be required if you ever need to restore your data to a new instance of SQL Server.
Restore: In the event of a major system change to your database server, select this button to re-establish the keys used to encrypt your sensitive information. The Enable and Backup Passwords are necessary to restore your data to a new instance of SQL Server. You will also need the most up-to-date backup of your existing organization and system databases.
- Modules that are affected by Encryption: General Ledger, Accounts Payable, Electronic Funds Transfer for Accounts Payable, Payroll, Direct Deposit, and Accounts Receivable.
- Passwords can be copied and pasted using Ctrl+C and Ctrl+V or by right-clicking the highlighted password and selecting Copy or Paste.
- If you find Encryption enabled but not working properly, click Restore. Enter your Enable and Backup Passwords. Your database will be returned to it's safe encrypted state and all sensitive information will remain safe in the database. However, if the Enable and Backup Passwords are lost or the MIPServiceMasterKey.BAK file cannot be restored, all of your organization's system database sensitive information will be lost and cannot be restored. The only way to restore this information is to manually re-enter it into the organization's system database. Until the information is entered, you will not be able to process A/P checks, A/R invoices, or Payroll checks, including EFT for A/P and Direct Deposits.