cancel
Showing results for 
Search instead for 
Did you mean: 

Decipher Install - Pre-Create Database

RafaelRomero
Level 3
Hello,  will the decipher installer work if I create an empty Decipher database in advance of running the installer? 
IE. Decipher installer will recognize that that Decipher Database exists and will apply the new schema to that database as opposed to creating a new database.

Thanks!
-Rafael

------------------------------
Rafael Romero
------------------------------
5 REPLIES 5

LukasRamasauska
Level 5
Hi, Rafael,

We had same question when trying to install Decipher IDP v2.1 which includes Reporting DB as a new feature. Unfortunately, installation failed with pre-created empty DBs at all. Also, in addition, in order to deploy Decipher with reporting DB from scratch, the service account (which will run the service) and installation is performed on it's behalf, must have VERY HIGH privileged access/role of DBCreator on DB server's level. It is very big security risk and potential breach if that's prod environment, and DB server contains multiple DBs for various services. You see, any careless action and not only Decipher may stop working 🙂

Another our find: On the other hand, during proof-of-concept verification, we found that Reporting DB is not so useful as performance, KPI, OKRs etc can be evaluated through processes queue items later. As storing all scanned fields in reporting DB just duplicates the potentially personal data and may be compliance breach of GDPR and other data management regulations. Thus we plan to go with plain Decipher (without reporting DB) and with pre-created empty DB for Decipher Core. .. and due to other "features" of Decipher we are waiting for v2.2 to be released.

Long story short, we wait for v2.2 and we hope that pre-created DB for deployment will be used without any high accesses required.

------------------------------
Lukas Ramasauskas
RPA Software Engineer
Swedbank AB
Europe/Vilnius
------------------------------

Thank you Lukas for the insight!  Great information.

------------------------------
Rafael Romero
------------------------------

Hi @LukasRamasauska @Rafael Romano,

I can confirm that Decipher does not currently support the ability to install onto pre-created databases and as such requires the installer to have sufficient privileges to update the target database. From Decipher 2.1 silent install is supported, but I don't believe this changes the requirement for the installer to target a fresh database for the install.

With respect to the reporting database. The OCR and capture data are not duplicated, which means that there should be no document level data being copied over. Please can you advise if you have found any sensitive information elsewhere on the reporting db?

The concept of the reporting database is that the administrator can set a shorter data retention period without affecting the reporting. In addition it reduces the load on the main database where the reports are interrogating it regularly for information. There will be a new reporting process included with v2.2 that is run in Blue Prism based on utilising the reporting tables in the reporting database, so it will become more useful. We then aim to have this revised reporting in v2.3.

Thanks​​

------------------------------
Ben Lyons
Senior Product Specialist - Decipher
Blue Prism
UK based
------------------------------
Ben Lyons Senior Product Specialist - Decipher SS&C Blue Prism UK based

Hello, Ben,

Regarding the pre-created DBs, that's sad as we look forward that BP will find the way how to install Decipher into pre-created DBs (same as it is possible with Blue Prism itself).

Regarding duplicates I was referring to data itself in Deciphers DB and Blue Prism's DB, as scanned/aggregated information becomes available in Decipher Reporting DB, and also in Blue Prism's infrastructure as BP queue items (which usually are the key performance/quantity indicators).
In addition to this v2.1 reporting feature, we have noticed that there is no way how to limit access - i mean - to get selective reports for different users (groups). I.e.: if we have two teams "Blue Boys" and "Red Devils" on-boarded to Decipher v2.1, we can have selective access to Classification and Verification sections for each team without peeking into other's data. But if we enable that reporting feature, then "Admins" from both teams will access full reporting data (which is the GDPR, DPIA, CIA topics and so on). Jumping a bit upfront - BP mentioned that improved RBAC will be implemented in upcoming releases with some improvements in "Admin" section too.

About the retention period, yes, that's very good, but we had to set it to zero in config  in order not to keep it after successful processing. And then a question of meaning of such reporting is on a table.

Anyway, probably we can close the discussion for now in respect of v2.1 and simply wait for v2.2 and v2.3  releases - fingers crossed 🙂

Thanks,
Lukas R.



------------------------------
Lukas Ramasauskas
RPA Software Engineer
Swedbank AB
Europe/Vilnius
------------------------------

Hi Lukas,

The question of installing on a pre-created Db has been raised previously. If this is something you want to see in the product, the best thing you can do is add it to the ideas page using the link for "Innovate" at the top of the page. Every idea on there for Decipher is reviewed by the Product Manager.

On the reporting db topic. There are a few additional tables in the reporting db that aren't in the regular db. These store pre-calculated reporting data, removing the need to retain the detail (and as such any sensitive data).

With respect to role segregation. There are plans to greatly improve this in v2.3, due out later this year. As a former BP developer at one of our customers, I can fully appreciate the need for data segregation. I'll personally be working with the development team to move this into the direction of greater  and more detailed access control (e.g. not all Decipher developers having admin access). It's quite a big task, so you may see these updates over a couple of version releases.

If you've selected to encrypt your database, there should be no need to set the data retention so low. Even though the documents are copied to a local folder for Decipher access, they are also encrypted. Such a low setting would impact your ability to use the additional ML capture models, as they need the data to build their models. E.g. If your training count is 1,000 documents and you process 200 per day, you will need at least 5 days of data. But using these models isn't mandatory as I'm sure you already know.

There are a lot of greater features coming over the next planned releases and this are being delivered as a mixture of functional improvements as well extraction improvements.

Thanks

------------------------------
Ben Lyons
Senior Product Specialist - Decipher
Blue Prism
UK based
------------------------------
Ben Lyons Senior Product Specialist - Decipher SS&C Blue Prism UK based