A newer version of this documentation is available.

View Latest

Encryption in Applications

    You can encrypt data inside your application, even before it is sent to the server. This allows encryption to be used selectively, for only the most sensitive information you intend to send.

    Best Practices

    You are strongly recommended:

    • Always to maintain the secrecy of your encryption key: by means of either a secure key ring, or a hardware security module (HSM).

    • Always to use a standard encryption library to encrypt data; and never to rely on in-house encryption or key-management solutions.

    • Never, when managing documents, to include sensitive information in the document ID.