Tablespace encryption to protect PII information (best practices)

book

Article ID: 197839

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

1. Provide the list of tables (including DWH) where PII information (First Name, Last Name, Email ID, Phone# etc) are stored in Clarity database.
2. Let us know if there is any impact to the application capabilities (including upgradeability) if the above set of tables are moved to TDE tablespace in the DB.

Environment

Release : 15.8.1

Component : CA PPM INTEGRATIONS & INSTALLATIONS

Resolution

The fields with PII are documented as part of our GDPR / PII masking feature here:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/business-management/clarity-project-and-portfolio-management-ppm-on-premise/15-8-1/administration/configure-secure-authentication-user-accounts-and-passwords/gdpr-protect-personally-identifiable-information.html

Check out the list of tables and fields. This part as this is where the PII fields are documented. You don't have to run the GDPR job. This is just to inform you where the fields are, in which tables.

 

Regarding tablespaces, moving the tables to a separate tablespace should not have any implications. Using a TDE tablespace can cause a performance overheard, as described here:

https://knowledge.broadcom.com/external/article?articleId=107115

Clarity does not provide database encryption, you will have to do it in the database. Here is our documentation regarding TDE:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/business-management/clarity-project-and-portfolio-management-ppm-on-premise/15-7-1/installing-and-upgrading/configure-clarity-ppm-with-oracle-database-encryption.html