I was wondering if CDS supports data encryption for sensitive information like social security number.
I was wondering the same thing. I have several applications that will require PII information to be encrypted.
Has anyone found a way to do this? Is Microsoft working on this?
Any help will be greatly appreciated. Thanks.
Hello Ed, most solutions usually redact the information (XXX-XX-XXX) completely or simply randomize the parsed sensitive content and store the original and randomized pairs in a secret database (vault).
If however, you're seeking to parse and encrypt the sensitive content such as SSN, CCN, DOB etc. you'd need a solution to later decrypt this content based on the end-user accessing the content. We offer a solution called Self-Defending KMS that provides such an encryption and decryption solution,called tokenization. We have numerous APIs to integrate with Microsoft O365 and SharePoint (through Power Automate), big data (Google Big Table, Hadoop, Cloudera etc.) and Cloud object stores (AWS S3, Azure).
CDS is encrypted at rest. You can let Microsoft manage the key or you can manage your own. Here's the Microsoft CDS documentation on encryption: https://docs.microsoft.com/en-us/power-platform/admin/manage-encryption-key
If you need to only mask or secure a field like social security number, you can on top of encryption, enable field level security o that field and configure which users or teams/groups have access to update/create and view that field. For all other users that field will be masked from everywhere in CDS (UI, dashboards, API, etc). More on field level security: https://docs.microsoft.com/en-us/power-platform/admin/field-level-security
Hope this helps!