Securing data with Make

data security is important for operational integrity, confidentiality, and authentication you can use a variety of methods to secure your data in {{product name}} methods and {{product name}} use cases select a method for more detailed information, including sample use cases with step by step instructions docid\ kwne2u3w9orbkjlduee9o aes is a symmetric algorithm that uses the same key for both encryption and decryption docid\ qsaaf5s fmxae7x0xpfj4 pgp is a cryptographic tool that encrypts a message using both symmetric and asymmetric keys docid\ ypvxzpw6vlcls1es8azv7 a digital signature is used to verify the identity of the sender and that a message or document is authentic and unaltered docid 0ctbs0pgxp3pp8fxym5b hash functions take variable length inputs and produce fixed length outputs of text that can't be reversed or decoded docid\ nr5i2u8ca8druikqrj8jo learn how data security helps prevent data tampering and unauthorized access while minimizing data exposure data security examples in {{product name}} consider the following examples to determine the best data security methods to use for your {{scenario singular lowercase}} encrypt and decrypt data with a secret key that is not hidden if you want to encrypt and decrypt data with a secret key that is not hidden (low data security) use docid\ kwne2u3w9orbkjlduee9o example an internal service to let teams search for non confidential employee information without accessing the idp (identity provider) if a third party manages to determine the webhook url and api key, the secret key used for encryption and decryption protects the employee information however, the key is not hidden in the scenario module required resources a module to connect to the idp https //apps make com/crypto#aes encrypt simple https //apps make com/crypto#aes decrypt simple a secret key shared in advance with all the teams using the service encrypt and decrypt sensitive data with a hidden, secret key if you want to encrypt and decrypt sensitive data with a hidden, secret key (more data security) use docid\ kwne2u3w9orbkjlduee9o example an internal service to give a limited number of users access to confidential employee information (for example salary, home address, yearly reviews, etc ) if a third party manages to determine the webhook url and api key, the secret key protects the employee information additionally, the shared aes key is encrypted by make and is inaccessible required resources a module to connect to the idp https //apps make com/crypto#aes encrypt advanced https //apps make com/crypto#aes decrypt advanced an aes key (128 or 256 bits) shared in advance with relevant users encrypt and decrypt sensitive data with a pair of private and public keys if you want to encrypt and decrypt sensitive data with a pair of private and public keys (high data security) use docid\ qsaaf5s fmxae7x0xpfj4 example a service to share confidential business information with a b2b partner pgp provides a high level of security against man in the middle attacks the sender and recipient exchange public keys in advance the data is encrypted with the recipient's public key and signed with the sender's private key the data is decrypted with the recipient's private key and the signature is verified with the sender's public key required resources https //apps make com/crypto#encrypt a pgp message https //apps make com/crypto#decrypt a pgp message a set of public and private pgp keys for the sender a set of public and private pgp keys for the recipient verify the sender and authenticity of a document if you want to verify the sender and authenticity of a document use a docid\ ypvxzpw6vlcls1es8azv7 example a service to verify that the sender of a contract is legitimate and the contract has not been modified the sender creates a digital signature with a private rsa key and sends the contract to the recipient with the digital signature the recipient uses the sender's public rsa key to verify the identity of the sender and that the contract has not been tampered with required resources https //apps make com/crypto#create digital signature a public and private rsa key for the sender the public key is shared with the recipient in advance secure and verify a password if you want to secure and verify a password use docid 0ctbs0pgxp3pp8fxym5b example a password system for a mission critical application that requires additional security the password is never stored instead, the sha 512 hash of the password is stored in a data store whenever a user logs in to access the system, the password they submit is hashed with sha 512 and the hash is compared to the stored hash required resources https //help make com/text and binary functions#sha512 https //help make com/l6du data stores create a secure audit log if you want to create a secure audit log use docid 0ctbs0pgxp3pp8fxym5b example a method to track users' actions in a system the method prevents users from accessing or modifying the audit logs when a record of the userid and additional details are stored in the data store, a hash is stored as well to access the record and verify that it has not been changed, your generated hash must match the stored hash the random salt is saved in a different location, so no one can calculate a new hash if they attempt to modify the record required resources https //help make com/text and binary functions#sha256 https //help make com/l6du data stores