Encrypting protected data in the cloud

When the Workforce Management application is running in Commercial Cloud or GovCloud mode, AWS Key Management Service (AWS KMS) is used to encrypt the keys that are used in the application to encrypt your data.

To protect the data keys that are used to encrypt your data, the data keys are encrypted by another key, known as a master key. For cloud deployments, the master key is stored and managed securely in the AWS KMS. The master key, known as a customer master key in AWS KMS, can only be accessed through AWS KMS.

An alias for the customer master key is created for each tenant as part of tenant creation. The alias must be passed to the application on startup by adding a JVM parameter to the WFM application server and Job Scheduler configuration.

For details, see the Infor Workforce Management Cloud Implementation Guide.