Skip to main content

.Row Encryption

The Row Encryption is another form of protection options that is used for encrypting the data in the files or objects. This option is applicable only on the text files which are in the unstructured format. It encrypts the entire row of the file where sensitive data exists.

*Note: A policy must be defined when performing encryption or decryption.

E.g., in the below image, when sensitive data under FULL_NAME column is detected, entire row is encrypted using Row Encryption option. For Instance, when the full name for ‘Mr. Rashad Andres Chretien’ is detected in the first row, the entire data in that row gets encrypted irrespective whether the row consist of any other sensitive data or not. Similarly, the data for Mrs. Irina Sheena Klebe and for others gets encrypted when name of the customer is detected in FULL_NAME column.

When encrypting the data in a file using Row Encryption, it is necessary to define the domain definition in Domain screen. The key specified in the domain is used for encrypting the data.

E.g., with the reference to below image, to encrypt the Full Name or Part Names in the email context using Row Encryption option, follow the below steps for implementing the same.

  1. Define a domain before encrypting the data. In this screen, source and destination directories are specified for files that are marked sensitive for encryption. Domains are created with the default Java KeyStore that is included with the PK product.

    Mention Domain Name, Description, IDP, FP Encryption Key Password, FP Encryption Salt, and FPM/SL Passphrase.


    In the Domain screen, assign the policy with the domain. Now, select the directory from the Selected:<database_directory> drop-down in the bottom panel.


    Click the Add Directory button to add the directory where the source file is kept. The below window pops up.


    Click Browse button to search for the source directory. The browser panel appears. Navigate to the directory where the file is kept for the encryption. Click Select to select the directory path navigated on this screen, else click Cancel.

  2. Next step is to create a task in the Add New Task Definition screen. Enter the details such as Task Name, Task Description. Select the Row Encryption in the Task Type drop-down.

    Select the file or object to include for encryption in the Manage Scan Locations panel by clicking on Select Directories button. On selecting, it displays the domain to which the selected file or object is associated.

    The compliance policy automatically gets selected in the Select Policy panel when a file is selected in the Manage Scan Locations for encryption. The sensitive types associated with the policy are displayed in the Sensitive Data Types panel. Click Save and Execute to save and execute the task.

  3. Once the task has been executed successfully, you can view the encrypted file in the destination location specified in the domain. For the above example, the destination location of the encrypted file is ‘/tmp/maskOut.

    In the below image, when Full Name or Part Names are detected in the file. The entire email content gets encrypted using Row Encryption, irrespective whether that line consist of any other sensitive type or not. For Instance, when sensitive type John is detected in the email body, the entire data is encrypted.



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.