Edge Import - Edge Import Framework - Support Customer PGP Key
Previously, reports for PGP encrypted files were only available to customers in a redacted format. By supporting a public key that customers specify when they import a file to the Edge Import feed, customers can use their corresponding private key to decrypt the PGP encrypted load report.
The load report can only be decrypted by the customer’s private key associated with that public key. Once decrypted, the user can then see records with errors so they can readily resolve them.
How does this work?
Nothing is changing with how customers encrypt the files they send to Cornerstone. Customers must still only use Cornerstone-generated PGP keys to encrypt their files.
Customers add their public PGP key in Key Management to inform Cornerstone which key they used to encrypt the file.
Customers select an additional key, one of their public keys, when creating a load so Cornerstone can use it to encrypt a report after performing the load. Customers can download the load report and use their private key to decrypt it using their decrypting tool.
Customers are responsible for managing their public and private keys for load reports.
How Does this Enhancement Benefit My Organization?
This feature targets customers using Edge Import and uploading PGP encrypted files. By allowing customers to add their own public PGP key, they can now decrypt the load reports.
Manage Keys
On the Manage Keys page, there are now two tabs:
- Encryption Keys - This tab contains all previously existing functionality from the Manage Keys page.
- Report Encryption Keys - This tab enables administrators to create keys to add their public key for Cornerstone to encrypt the reports.
A maximum of 20 Report Encryption Keys can be uploaded. Note that once the Report Encryption Key is uploaded, administrators cannot download nor view the value of the Report Encryption Key.
Create Load
Administrators can now select a Report Encryption Key when creating a new load.
Implementation
This functionality is automatically enabled for existing Edge Import customers. Customers must create a public/private key pair on their end. Please note that your portal may take a couple of days to update following the release of this new feature.
Permissions
The following existing permissions apply to this functionality:
| PERMISSION NAME | PERMISSION DESCRIPTION | CATEGORY |
| Access Edge Import | Grants access to the Edge Import tool, which enables administrators to load data into their portal. This permission cannot be constrained. This is an administrator permission. | Edge Import |