IT is now insisting that sensitive data in my Filemaker solutions be encrypted so if someonehacks in to the server they will not be able to read the data. The main concern is Social Security Numbers and Credit Card Numbers. IT wants these fields to be encrypted on the server. I'm a bit confused on how the work flow should be handled. If for example the SSN field is encrypted on the server how does a client retrive a SSN for a particular record and after entering a new SSN for a record how does the server know to encrypt the data. First of all I believe I need a plugin to do the encryption, is that right. Then do I write a script that encrypts all the records say for the SSN field. After that do I need a script that the client can run on a particular record that would decrypt the SSN in order to use it or change it? Once the client closes the solution would I then have a script that would encrypt the SSN field? If the client needs to run a report that includes the SSN number I would need to run a script to decrypt all the records before running the report and the encrypt then all again when the client signs off.
I've never worked with encryption and as you can see am a bit confused on how the process should work. Also, any suggestions on which plugin would be best for what I need to do would be welcomed.