I'm starting to test using local encryption for our CRM database. Many of our sales representatives have local copies. Updates can be done locally or on the server, and the changes replicated push/pull. When I test this though, any document I create or change on my encrypted local copy replicates to the server. But, the documents are not visible on the server version. I've checked that the 'do not send changes in local security property to other replicas' is checked on my encrypted database. The level of encryption is simple -- the server TCPIP port is set to encrypt and compress network data.
I think everything is working as it should, you just need to learn a bit more about what these options mean. There are three separate features you touched on:
- Whole database encryption, which prevents someone from reading a local database if they gain access to your laptop.
- The option "do not send changes in local security." This refers to the local encryption settings, not to the encrypted data itself.
- Port encryption, which relates to encryption of the bits over the LAN, rather than encryption of the data on-disk. This should have no effect on the other behavior you are observing.
Here are a couple things to look for. Are you also using field-level encryption with secret keys? This could explain documents sometimes being visible and sometimes not. Check the document properties of the docs on the server. Are the fields present, but encrypted, or not there at all? Can another user see the documents that you replicate up?
Do you have comments on this Ask the Expert question and response? Let us know.
This was first published in November 2004