Qlik Catalog provides the ability for administrators to set field level encryption to mask fields from displaying in user interface. To encrypt sensitive fields:
- From source module fields grid, click on field row and select the More option.
- Clicking on the View/Edit General Info option will open Field Information. Click on the check box next to Encrypt, Save and close.
- Next, the entity level encryption property must be set in the source module. Select View/Edit Properties from the entity More option, choose Add Property, then select field.encryption.seed.reference from the dropdown list. Any value can be set in the corresponding field (for example, “mycipher”) and that value is interpreted as the password or key itself. Choose Save and a success message should appear.
- To complete the encryption, the entity must be reloaded. Choose More next to the entity name and select Load. In the dataload window, adjust the values if necessary, and click OK.
- The admin will be returned to the entity page. Click (refresh) button to view job status. When successful, the Job Status will display that it is finished.
If Key Management Service (KMS) is not set up on the system, this is sufficient to encrypt the field so that internal end users without access to this source and associated properties cannot reverse the encryption or view field data values.
Alternately, if KMS is set up on the environment, then the value for the encryption seed reference property will be a URL.