This documentation supports the 21.02 version of BMC Helix Innovation Studio.To view an earlier version, select the version from the Product version menu.

Encrypting fields

Excerpt named platformname was not found in document xwiki:Service-Management.Innovation-Suite.BMC-Helix-Innovation-Studio.is2102._inclusionsLibrary.WebHome. enables an application business analyst to enter a secure value in a text field by encrypting or hashing. You can encrypt the text field by enabling properties such as Store Encrypted or Store Hashed. The advantage of using these properties is that the information entered in the text fields can be stored safely and viewers will not have access to confidential information.

The difference between the Store Encrypted and Store Hashed property is that if you use the Store Encrypted property, the value of the text field is encrypted, but you can decrypt the value. For the Store Hashed property, the value of the text field is one-way encrypted and cannot be decrypted.

Important

  • Application business analysts can customize the objects developed in their own applications and that are marked customizable by the administrator, but cannot customize the objects developed in com.bmc.arsys in Best Practice Customization mode. For example, objects in core BMC applications like Foundation, Approval, and Assignment cannot be customized in Best Practice Customization mode. For more information, see Customization-layer.
  • You cannot change the field IDs of default record fields.

To encrypt a text field

You can encrypt a text field in a record definition by using the Store Encrypted property available in the Record designer. With this property, the value of the text field is encrypted in the database but appears as clear text when shown on UI. So, important and confidential information is secured. The Store Encrypted property is available only for the text fields.

  1. Log in to BMC Helix Innovation Studio and navigate to the Workspace tab.
  2. Select the application for which you want to encrypt the record definition field.
  3. On the Records tab, select the record definition and click the record name.
  4. In the Record designer, select the field name that you want to encrypt.
  5. Click the Settings icon Settings icon.png in the Details pane on the right side. 

  6. In the field details, use the toggle key for the Store Encrypted property as shown in the following image and save the record.

    Important

    If the property is enabled for a field, search on this field fails since the data in this field is encrypted. Make sure that you remove the field from all the qualification used for searching data.

    Encrypted field.png

Important

In BMC Helix ITSM: Smart Reporting, an encrypted field value is displayed as decrypted only if you use it as is and not with any operator, for example, concatenation, function, and so on.

For example, an employee record has the employeeName and salary fields, and the salary field is encrypted. The value of the employeeName field is Ajay, value of the salary field is 10000, and the encrypted field value of the salary field (10000) is 67ghh898989.

  • When you select employeeName, salary from the employee record, you get the values as Ajay, 10000.
  • When you select employeeName + salary, you get the value as Ajay67ghh898989.

To hash a text field

You can enable Store Hashed property for a newly created or already existing text field in a record definition. You can enable Store Hashed property only for text fields. After enabling this property, if you enter a value in the text field, it appears as dots or asterisks and not as clear text. A store hashed text value can never be decrypted. For a Store Hashed property, the field length should be 30 characters. 

To compare the hashed value, the user must provide the value in clear text. This value is compared with the stored hashed value in Remedy server.

Important

In BMC Helix Innovation Suite, all the password fields are hashed to prevent any decryption.

You cannot modify Store Hashed property on a customized and inherited text field. You cannot change it on record definitions like Join and Audit. For these record definitions, the Store Hashed property will always be the same as the one defined for their parent record definitions.

This property is useful when any crucial, highly secured information needs to be entered and stored.

For example, you can add a password or similar authentication parameter for every user. If the text field for the parameter is store hash enabled, the value entered for this parameter always appears as dots and never as a text.

  1. Log in to Excerpt named productname was not found in document xwiki:Service-Management.Innovation-Suite.BMC-Helix-Innovation-Studio.is2102._inclusionsLibrary.WebHome. and navigate to the Workspace tab.
  2. Select the application where you want to create a new record definition.
  3. In a record definition, add a new text field.
  4. For the text field, in the Details pane, update the following properties:
    • In Field ID, enter the field id within the range of 50 to 70
    • In the Length field, enter field length as 30.
  5. To enable the property for the text field, click Store Hashed Toggle button.png.
  6. Click Save.

The following image shows the configuration to enable the Store Hashed property:

2102_Store Hashed configuration.png

After you enable the Store Hashed property, if you navigate to Edit Data, and click New, a field will be present on the UI of the application. This field will have the same name as the name entered in the text field details screen. If you enter any text in this field, it will appear as encrypted.

You can also use the Store Hashed property to validate the PIN value of the requester. For more information about validating the PIN value, see Validating-and-verifying-a-PIN-value.

To configure a character field in Remedy Developer Studio to enable hashing, see Encrypting values in a character field.

Related topic

Creating-or-modifying-regular-record-definitions

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*