Encryption key: DB and App server File System options in Blue Prism

HarishVerma · ‎19-07-19

Context: Mechanism to store encryption key (DB and App server File System) and protecting it from system administrator against misuse.

Use case: 1
Currently, encryption key and encrypted data both are stored in db, By virtual of Blue Prism design, encryption key can be stored in database or File System (FS) on App Server. No other option is available.
1. DBA access: We can move encryption key to App server and restrict dba access to app server.
2. Wintel / Blue Prism administrator access: They would have access to App server FS, wherein they also have access to Blue prism database (limited access though) for maintenance activity. This is causing issue.

Requirement:The requirement is to store encryption key in any other tool (like IBM PIM - Product Information Management), where administrator should not have access to.

Use case 2:
When user navigates to encryption key using Blue Prism user interface, the log is also not recorded.

Requirement: I believe this is essential for any audit compliance.

robert.nicklin · ‎22-07-19

Hi Harish,

Not sure whether you raised this question with support or not, but I just wanted to clarify that when we store the encryption key in the database/application server file system we actually encrypt it - essentially what you're seeing isn't the plain text version of the encryption key.

I hope this helps, if you have any more questions feel free to raise this as a support ticket and I'm sure we'd be able to advise you further.

Rob

SS&C Blue Prism Community

Encryption key: DB and App server File System options in Blue Prism

BP Client re-connect feature

Automatically wait for and execute a schedule

CICD Solution

Visualize code references and dependencies

Stop preemptive connection to server & user authen...