Community
Showing results for 
Search instead for 
Do you mean 
Reply

Can you encrypt an ACT! 2010 database?

Copper Contributor
Posts: 73
Country: United States

Can you encrypt an ACT! 2010 database?

[ Edited ]

Increasingly, we are required to protect personal client information by encryption of data files (or other means). Almost all of our client information are in our ACT! database. If we can encrypt this information we should be OK. We have ACT! 2010 Premier. I wonder if such encryption is possible with ACT! (we already use passwords) and how to go about it? 

Message Edited by ghollister on 01-21-2010 04:42 PM
Platinum Elite Contributor
Posts: 14,384
Country: Australia

Re: Can you encrypt an ACT! 2010 database?

I don't think it's possible to fully encrypt the database, but it would be possible to create a plug-in the encrypted specific fields... but this could be complex if you wanted to do more that access them in the normal UI. EG to include those fields in reports, templates, exports or some other functions

 

You need to think about what data you store that is at risk... then look at network security to prevent the database being taken (more complex if users are using sync to laptops or smart phones).

 

Then you can look at network security to protect the database and, if essential, have a plugin created to secure specific fields or content - GL computing can help with that last bit if you need it and have the budget.

New Member
Posts: 1
Country: USA

Re: Can you encrypt an ACT! 2010 database?

TrueCrypt is one of the best encrypting utilities for PCs (and it's free open-source code, see http://www.truecrypt.org/). Blogging at http://community.act.com/t5/ACT/Act-TrueCrypt-and-CompanionLink-for-Android/m-p/72811 includes other ACT owners who successfully use TrueCrypt with ACT. But, as Greg Martin says in http://community.act.com/t5/ACT/How-to-use-TrueCrypt-and-Act/m-p/73443, one of the reasons Sage switched to SQL was to include transparent encryption (TrueCrypt allows for slightly stronger encryption and control). Note, there are many tools for brute force hacking of passwords - so, IMHO you should double the lenght of a person's normal password (making brute force much harder)... as one would with any encryption. I would quess HIPPA requirements for user names, data encryption, strong passwords, audit trails, inactivity timeouts, etc can be met by ACT / SQL / Windows for the lone workstation (I don't believe, though, there is any formal HIPPA certification process for anyone, like Sage, to guarantee compliance). I understand HIPPA also (reasonably) requires encryption for any network activity as well as all backups (which is often overlooked).