Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Encrypting the values of sensitive properties

Updated on July 1, 2021

In the HRApp application, ensure that the Social Security number and salary properties are encrypted in all Pega Platform data stores (the database and Elasticsearch index files, in memory, and on the clipboard). Ensure that they are decrypted only when they are displayed in the user interface.

Before you begin: Complete the following steps:
  1. An encryption key is defined in a key management system (KMS) outside of Pega Platform.
  2. A keystore instance is defined in Pega Platform that refers to the encryption key.
  3. The Keystore field in the Application data encryption section of the Data Encryption landing page refers to the keystore in step 2, and the Activate button has been clicked to activate the keystore.
  4. In the Employee class, a property named SSN defines the employee’s Social Security number and a property named Salary defines the employee’s salary.
Do these steps to ensure that the SSN and Salary properties are encrypted in all data stores, in memory, and on the clipboard. You can combine property encryption with property masking.
  1. In Dev Studio, create an access control policy for an Apply to class equal to Employee and Action equal to PropertyEncrypt.
  2. Click Add property and in the Property field, enter SSN.
  3. Click Add property and in the Property field, enter Salary.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us