Encryption Setup
ngSurvey can be configured either at the server level to provide transparent encryption using a single symmetric text based key that will encrypt and decrypt data automatically when needed or you can secure each survey independently using separate asymmetric PGP key pairs to encrypt your data using your public key and decrypt it only on demand using your private key.
Encrypted data cannot be recovered if you loose your encryption keys.
๐จโ๐ป๏ธ Additional security considerations
Besides encrypting data within the database we also suggest securing your database at rest using SQL Server's native Transparent Data Encryption. This will make sure that any files used by SQL Server to store your data are properly secured and encrypted.
To setup TDE you may follow Microsoft's SQL Server's official TDE documentation
Once you have setup an encryption key new SQL connection strings, active directory passwords and system settings (mail, twilio) will be encrypted. To encrypt old values you will need to update their value back.
Last updated