Products
Contact Support Additional Learning Monthly Product Updates
Menu

Forsta Servers Support

All the topics, resources needed for Forsta Servers.

Database Encryption

  • Last updated:

Articles in this section

In this article

    Professional Authoring users can encrypt survey databases “at rest” on the database server. The add-on is chargeable and requires an updated license file in order to be used.

    If your Forsta Plus environment has more than one SQL Server Instance (go to Multiple SQL Server Instances for more information) you can select which instance(s) you want Database Encryption activated on.

    Note: Database Encryption requires SQL Server Enterprise Edition.

    Configure Database Encryption

    After purchasing the add-on and installing a new license file, the following steps are required to prepare your Forsta Plus site for Database Encryption:

    Preparing SQL Server for Database Encryption

    To prepare the SQL Server(s) you have to create a certificate for encryption on your DB server. This is done by running the following statement in the SQL Server Management Studio (replacing values where required):

    USE_master;
    GO
    CREATE_MASTERKEYENCRYPTIONBYPASSWORD='EncryptionPassword';
    go
    CREATE_CERTIFICATE EncryptionCertificate WITHSUBJECT='Encryption Certificate Confirmit site';
    GO

    If enabling Database Encryption on multiple SQL Server instances, the certificate must be created with the same name on all instances. Once the Certificate is created, you are strongly recommended to take a backup. This can be done by running the following command (replacing values where required):

    USE master
    GO
    BACKUPCERTIFICATE OnDemandEncryptionCertificate
    TOFILE='[file location]\[EncryptionCertificateName].cer'
    WITHPRIVATEKEY (FILE='[file location]\[EncryptionCertificateName].pvk',
    ENCRYPTIONBYPASSWORD='EncryptionPassword')
    GO

    We strongly recommend that you backup and store the certificate in a secure location.

    Preparing Forsta Plus for Database Encryption

    Once the certificate is created, Database Encryption can be enabled in Forsta Plus:

    1. Open System Configuration.
    2. Expand the Security settings section.
    3. Enter the name of your certificate in the EncryptionCertificateName box.

      4. Figure 1 - Entering the certificate name

    4. Expand the SqlServer role, select the SQL server(s) where the certificate was created, and enable the SQLServerUsedForEncryption checkbox to enable encryption for the server.

      5. Figure 2 - Checking the SQLServerUsedForEncryption checkbox

      Database Encryption is provided on a per company basis in Forsta Plus. To enable the feature for a company:

    5. Open the Admin > Accounts > Companies menu.
    6. Select the desired company.
    7. Navigate to the Add-Ons tab, and add the Database Encryption add-on to the Selected list.

      8. Figure 3 - Adding the Database Encryption add-on

    8. To create an encrypted database, the ‘Enable Database Encryption’ checkbox must be selected when launching a survey.

    Figure 4 - Selecting Enable Database Encryption

    Database Encryption only applies to new databases, or databases that are re-launched with the ‘Create new database’ option.

    Important
    Selecting 'Create new database' will cause a new database to be created and will result in loss of data if the data is not backed up.

    Was this article helpful?
    0 out of 0 found this helpful
    Return to top