Enable the client to implement techniques such as data partitioning, pseudonomisation, anonymization, encryption on data | Community
Skip to main content
AEM_Forum
AEM_Forum
Level 10
December 20, 2017
Solved

Enable the client to implement techniques such as data partitioning, pseudonomisation, anonymization, encryption on data

  • December 20, 2017
  • 7 replies
  • 2474 views

Hi,

Kindly suggest how to Enable the client to implement techniques such as data partitioning, pseudonomisation, anonymization, encryption on Adobe Campaign data.

Appreciate your replies.

Thanks,

Rama.

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by Amit_Kumar

    Hi Rama,

    Have you have seen Adobe Security guidelines?

    http://wwwimages.adobe.com/content/dam/acom/en/marketing-cloud/campaign/pdfs/54658.en.campaign.wp.adb-security.pdf

    If your instance is hosted by Adobe, ask support to install GPG utility on the server.

    Get public-private key pair generated for outbound transfer.

    While doing export, you can encrypt the file on Campaign server and also provide the public key to external sFTP server team for decrypting the file. And use vice-versa to decrypt the file to decrypt at adobe campaign.

    This can be done in file load activity and js activity, and for all the transfer via the database, it happens via secure transfer so that should be covered.

    For deletion, if it's hosted by Adobe you are covered because it's Adobe's responsibility to ensure the compliance if it's on the premise, Move all the data marked as delete to an Archiving location and use Gutmann method to delete which will ensure that you are covered.

    https://en.wikipedia.org/wiki/Gutmann_method

    A sample tool buit ontop of this method, use this for Linux environments.

    http://manpages.ubuntu.com/manpages/xenial/en/man1/shred.1.html

    PS: Build a new strategy for data sharing between two markets based on the permission.

    Regards,

    Amit

    7 replies

    florentlb
    florentlb
    Level 10
    January 2, 2018

    Hi Rama,

    The first thing that comes to my mind here is this section about restricting PII view: https://docs.campaign.adobe.com/doc/AC/en/CFG_Editing_schemas_Restricting_PII_view.html

    Now, that does not answer all of your question so I've forwarded it to our security team to get their point of view as well.

    Thanks,

    Florent

    AEM_Forum
    AEM_ForumAuthor
    Level 10
    January 30, 2018

    Is there any update as yet Florent?

    I need the answer  very urgently.

    Appreciate all your support.

    Thanks,

    Rama.

    florentlb
    florentlb
    Level 10
    January 30, 2018

    Hi Rama,

    Encryption and anonymization are I think already possible with Campaign. As for the other parts, some product enhancements are on the way to help companies using Adobe products to comply with GDPR regulations. More information will be provided shortly by the product team (in a few weeks).

    Florent

    AEM_Forum
    AEM_ForumAuthor
    Level 10
    January 31, 2018

    Thanks Florent for responding.

    "Encryption and anonymization are I think already possible with Campaign".

    How are they achieved?

    Using Configurations (where in the tool?) or customization (coding)?

    Since this info is very urgent, kindly update me as soon as you receive it from the product team.

    Thanks,

    Rama.

    florentlb
    florentlb
    Level 10
    January 31, 2018

    Hi Rama,

    Can you confirm that your requests are related to GDPR compliance?

    In any case, I'd recommend reaching out to support so they log in all your different requests and provide you with the existing solutions, and put you in relation with our security specialists directly, since people on this forum won't have real insight on GDPR enhancements before it's live in a few months.

    Florent

    AEM_Forum
    AEM_ForumAuthor
    Level 10
    January 31, 2018

    Thanks Florent for responding.

    Yes, my requests are related to GDPR compliance, but approaching security specialists, etc from my side would take a long time.

    By May-18, GDPR compliance should be achieved.

    Kindly try to answer from the product capabilities, as it stands currently and also reach out to them for the things unclear to you.

    Thanks,

    Rama.

    Amit_Kumar
    Amit_KumarAccepted solution
    Level 10
    January 31, 2018

    Hi Rama,

    Have you have seen Adobe Security guidelines?

    http://wwwimages.adobe.com/content/dam/acom/en/marketing-cloud/campaign/pdfs/54658.en.campaign.wp.adb-security.pdf

    If your instance is hosted by Adobe, ask support to install GPG utility on the server.

    Get public-private key pair generated for outbound transfer.

    While doing export, you can encrypt the file on Campaign server and also provide the public key to external sFTP server team for decrypting the file. And use vice-versa to decrypt the file to decrypt at adobe campaign.

    This can be done in file load activity and js activity, and for all the transfer via the database, it happens via secure transfer so that should be covered.

    For deletion, if it's hosted by Adobe you are covered because it's Adobe's responsibility to ensure the compliance if it's on the premise, Move all the data marked as delete to an Archiving location and use Gutmann method to delete which will ensure that you are covered.

    https://en.wikipedia.org/wiki/Gutmann_method

    A sample tool buit ontop of this method, use this for Linux environments.

    http://manpages.ubuntu.com/manpages/xenial/en/man1/shred.1.html

    PS: Build a new strategy for data sharing between two markets based on the permission.

    Regards,

    Amit

      Terms & ConditionsAccessibility statement

      Loading footer...