You are here:
Create Encryption Keys for Field-Level Encryption
Field-level encryption adds an extra layer of protection to the customer data in your data extensions. Using field-level encryption requires purchasing Marketing Cloud Engagement Professional Services to configure the necessary changes to your account. To use field-level encryption in your data extensions, complete these prerequisites.
- From Setup, in the Quick Find box, enter Data Management, and then select Key Management.
- Click Create.
- Under Key Type, select Symmetric.
-
Generate a key value by using a cryptographically secure random number generator.
Marketing Cloud Engagement supports AES 256 encryption. Use a 64-character hexadecimal string for the key.
- Enter the pre-shared key, and save the key.
- On the Key Management page, click Create.
- Under Key Type, select Initialization Vector.
- For IV, enter a 32-character hexadecimal string, and save the IV.
After you create the symmetric key and IV, send their IDs to your Professional Services associate or account executive so that they can complete the configuration steps for your account.
When the setup process is complete, you can create data extensions in your account and specify which data extension fields to encrypt.
If you activate this feature in an existing account, you must re-create any data extensions that you want to use field-level encryption in. After you migrate your customer data from an old data extension to a data extension that use field-level encryption, delete the old data extension.
