-
Type:
Epic
-
Status: To Do
-
Priority:
High
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Labels:None
-
Company:All Clients/Multiple Clients
-
Epic Name:Application level security
-
Sprint:Dec 2020 Release - Sprint 1, Dec 2020 Release - Sprint 2, Jan 2021 Release - Sprint 1, Jan 2021 Release - Sprint 2, Feb 2021 Release - Sprint 1, Feb 2021 Release - Sprint 2, March 2021 Release - Sprint 1, March 2021 Release - Sprint 2, April 2021 Release - Sprint 1, April 2021 Release - Sprint 2
Application level security
Columns containing PII data in database are saved as plain text. Looking at options to encrypt this data and will share more details next week
DMS document template has permission settings to restrict view of sensitive data (SSN, DOB etc.). At the moment this has to be configured by the customer or CB implementation team. We can put in checks for some of the known attributes to prevent recruiters/admins from being able to see the data entered by candidates.
If the customer does capture any other PII data that we cannot be aware about, they need to take care of setting appropriate permissions. From DMS side, we can only encrypt the data.
- relates to
-
DMS-2350 MYSQL Table level encryption R&D
-
- Done
-