Encrypt Database in Adobe Campaign Classic

This article addresses the issue of storing personal data in an encrypted form for those hosting marketing instances on-premises using Adobe Campaign Classic. If you need to encrypt data in Adobe Campaign Classic, check with our Customer Success Manager (CSM) about implementing Oracle’s Transparent Data Encryption (TDE).

Description description

Environment

  • Adobe Campaign Classic

  • Adobe Campaign

Issue/Symptoms

For marketing instances hosted on-premises, is it possible to store personal data in an encrypted form?

Resolution resolution

Oracle has an extension to encrypt the whole database: Transparent Data Encryption (TDE)

Oracle TDE should be the same as any other storage-level DB encryption, completely transparent (as the name indicates) to the application. This is no different to Amazon RDS encryption (from an application perspective), which we use in our hosted environments.

The advantage is that it will be transparent for Adobe Campaign, so it should not be that hard to put that in place (check about the cost though; Oracle can be very expensive). However, you will have to determine if it covers your security requirement.

TDE is largely transparent to applications and users accessing the DB and performing reads/writes/deletes to the data. The DB platform usually handles the encryption and decryption of the data. To know if it has been implemented for any Adobe Campaign Classic environments, check with your CSM to get clarification via the Professional Services team.

Data is encrypted at rest on disk from access via the operating system, but the Oracle engine decrypts it as needed. The application doesn’t have to do anything special to access it. It likely imposes some small performance impact as any encryption would, though according to their docs [ 1] this is negligible [ 2] .

[ 1] https://www.oracle.com/database/technologies/faq-tde.html

[ 2] According to internal benchmarks and feedback from those running production workloads, the performance overhead is typically in the single digits. Starting with Oracle Database 11g Release 2 Patchset 1 (11.2.0.2), the hardware crypto acceleration based on AES-NI available in recent Intel processors is automatically leveraged by TDE tablespace encryption, making TDE tablespace encryption a ‘near-zero impact’ encryption solution.

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f