Encrypt Database Adobe Campaign Classic

Description

Some of our BU’s law requested the personal data stored in the electronic system must be in the form of the encrypted data.

Just wondering if Adobe Campaign can achieve this for customers who host their marketing instances on premise.

Please advise.

Thanks.

Resolution

Please find below the information we have received from our Team internally:-

**************************************************************************

Oracle has an extension to encrypt the whole database: TDE

Oracle TDE should be the same as any other storage-level DB encryption, completely transparent (as the name Transparent Data Encryption indicates) to the application. This is no different from an application perspective to Amazon RDS encryption, which we use in our hosted environments.

The advantage is that it will be transparent for Adobe Campaign, so it should not be that hard to put that in place (not sure about the cost though; Oracle thing can be very expensive). You will have to determine if it covers your security requirement though.

TDE is largely transparent to applications and users accessing the DB and performing reads/writes/deletes to the data. The DB platform usually handles the encryption and decryption of the data. Though note that I’m not currently aware of any environment where we implemented it for Adobe Campaign Classic, for that customers can check with their CSM to get clarification via the Professional Services team.

Data is encrypted at rest on disk from access via the operating system, but the Oracle engine decrypts it as needed. The application doesn’t have to do anything special to access it. It likely imposes some small performance impact, as any encryption would, though according to their docs1 this is negligible2.

1 https://www.oracle.com/database/technologies/faq-tde.html
2 According to internal benchmarks and feedback from our customers running production workloads, the performance overhead is typically in the single digits. Starting with Oracle Database 11g Release 2 Patchset 1 (11.2.0.2), the hardware crypto acceleration based on AES-NI available in recent Intel processors is automatically leveraged by TDE tablespace encryption, making TDE tablespace encryption a ‘near-zero impact’ encryption solution.

**************************************************************************

On this page