Hi,
Kindly suggest how to Enable the client to implement techniques such as data partitioning, pseudonomisation, anonymization, encryption on Adobe Campaign data.
Appreciate your replies.
Thanks,
Rama.
Solved! Go to Solution.
Hi Rama,
Have you have seen Adobe Security guidelines?
If your instance is hosted by Adobe, ask support to install GPG utility on the server.
Get public-private key pair generated for outbound transfer.
While doing export, you can encrypt the file on Campaign server and also provide the public key to external sFTP server team for decrypting the file. And use vice-versa to decrypt the file to decrypt at adobe campaign.
This can be done in file load activity and js activity, and for all the transfer via the database, it happens via secure transfer so that should be covered.
For deletion, if it's hosted by Adobe you are covered because it's Adobe's responsibility to ensure the compliance if it's on the premise, Move all the data marked as delete to an Archiving location and use Gutmann method to delete which will ensure that you are covered.
https://en.wikipedia.org/wiki/Gutmann_method
A sample tool buit ontop of this method, use this for Linux environments.
http://manpages.ubuntu.com/manpages/xenial/en/man1/shred.1.html
PS: Build a new strategy for data sharing between two markets based on the permission.
Regards,
Amit
Hi Rama,
The first thing that comes to my mind here is this section about restricting PII view: https://docs.campaign.adobe.com/doc/AC/en/CFG_Editing_schemas_Restricting_PII_view.html
Now, that does not answer all of your question so I've forwarded it to our security team to get their point of view as well.
Thanks,
Florent
Views
Replies
Total Likes
Is there any update as yet Florent?
I need the answer very urgently.
Appreciate all your support.
Thanks,
Rama.
Views
Replies
Total Likes
Hi Rama,
Encryption and anonymization are I think already possible with Campaign. As for the other parts, some product enhancements are on the way to help companies using Adobe products to comply with GDPR regulations. More information will be provided shortly by the product team (in a few weeks).
Florent
Views
Replies
Total Likes
Thanks Florent for responding.
"Encryption and anonymization are I think already possible with Campaign".
How are they achieved?
Using Configurations (where in the tool?) or customization (coding)?
Since this info is very urgent, kindly update me as soon as you receive it from the product team.
Thanks,
Rama.
Views
Replies
Total Likes
Hi Rama,
Can you confirm that your requests are related to GDPR compliance?
In any case, I'd recommend reaching out to support so they log in all your different requests and provide you with the existing solutions, and put you in relation with our security specialists directly, since people on this forum won't have real insight on GDPR enhancements before it's live in a few months.
Florent
Views
Replies
Total Likes
Thanks Florent for responding.
Yes, my requests are related to GDPR compliance, but approaching security specialists, etc from my side would take a long time.
By May-18, GDPR compliance should be achieved.
Kindly try to answer from the product capabilities, as it stands currently and also reach out to them for the things unclear to you.
Thanks,
Rama.
Views
Replies
Total Likes
Hi Rama,
Have you have seen Adobe Security guidelines?
If your instance is hosted by Adobe, ask support to install GPG utility on the server.
Get public-private key pair generated for outbound transfer.
While doing export, you can encrypt the file on Campaign server and also provide the public key to external sFTP server team for decrypting the file. And use vice-versa to decrypt the file to decrypt at adobe campaign.
This can be done in file load activity and js activity, and for all the transfer via the database, it happens via secure transfer so that should be covered.
For deletion, if it's hosted by Adobe you are covered because it's Adobe's responsibility to ensure the compliance if it's on the premise, Move all the data marked as delete to an Archiving location and use Gutmann method to delete which will ensure that you are covered.
https://en.wikipedia.org/wiki/Gutmann_method
A sample tool buit ontop of this method, use this for Linux environments.
http://manpages.ubuntu.com/manpages/xenial/en/man1/shred.1.html
PS: Build a new strategy for data sharing between two markets based on the permission.
Regards,
Amit
Views
Likes
Replies