CAMPAIGN TEMPLATE ENCRYPTION EXPORT METHOD

Owned by PeterF (Deactivated)
Sept 06, 2016
2 min read

Encryption Methods

The set of Encryption Methods define the set of allowed encryption methods that can be used when exporting data.

When Campaign Template field encryption is enabled all fields are encrypted using a strong Public Key encryption method. When you look to export data the encrypted fields need to be re-encrypted using keys that you have access to.

Best Practice

The recommend best practice is:

  • Use the PGP File export method ONLY
  • Give one user access to export data.
  • Give a separate user access to the PGP Private key necessary to decrypt the exported data.

Using the above method means that two staff have to co-operate in order to access sensitve data.

There is no point enabling Encryption if you are not going to follow the above best practice. Any weak point in how you manage and control access to the data will essentially eliminate any possible security gained by using encryption.

Encryption Access

View the Encryption Access tab to see/control the list of users that can export encrypted Campaigns.

Encryption Methods

At least one Encryption Method MUST be defined in order to export Campaign data.

The available Encryption Export methods are (in order of strength)

  • PGP File - (highly recommended)
  • Don Manager
  • None

You may add multiple Encryption Methods as you may need to export the data using different methods in different circumstances. 

Only users that have been granted Encryption Access (via the Encryption Access tab in Campaign Templates) have permission to export data from Campaign Templates that have encryption enabled.

PGP File

The PGP File encryption method is the ONLY secure method of exporting data. It requires you to download a PGP application and generate your own Public and Private Keys.  By uploading the generated Public Key into Noojee Admin, the export system is able to encrypt the exported data using your Public Key.

When using PGP File encryption EVERY field is encrypted in the resulting exported file. You will not be able to open the file in Excel until after you have decrypted the file using a PGP file decryption application.

Once exported the only person that can decrypted the data is someone that has access to your Private Key (which you MUST store securely).

There are a number of PGP applications that will allow you to generate keys and decrypt the exported data.

https://www.gpg4win.org/

http://ppgp.sourceforge.net/

Consider using the likes of LastPass (https://www.lastpass.com) for storage of your Private Keys.

Note: Noojee does not endorse any of these products and does not verify their relability or integrity.

Don Manager

The Don Manager method should only be used by users of the Don Manager application.

The Don Manager encryption is EXTREMELY WEAK and you should treat any data encrypted with the Don Manager encryption method as if it was NOT ENCRYPTED.

That may seem like an odd concept but weak encryption is really no encryption at all.

None

This is the 'no encryption' method. Any data exported using the 'None' method will simply NOT be ENCRYPTED.

The exported campaign will be a standard CSV file which ANYONE can open with Excel and all fields are fully visible (e.g. NOT encrypted).

You should only use this option if you are only going to download the data onto a secure system. Given that most organisations system can not be considered secure then YOU SHOULD NOT USE THIS METHOD.