Microsoft Dynamics NAV and Data Encryption

In a moment where topics like GDPR and privacy are so hot, encrypting sensitive informations in your NAV database is becoming always more a must to do (and one of the features that customers are asking nowadays).

In these weeks I’ve see on forums many custom data encryption implementations on NAV, but starting from the 2015 version NAV as a built-in data encryption feature that can be used instead of “reinventing” all every time.

In order to use the standard NAV data encryption feature, you need first to go to Departments/Administration/IT Administration/General menu and click on Data Encryption Management.

In the Data Encryption Management page, click on Enable Encryption:

Now NAV asks you a confirmation message:

and then asks you to generate a password-protected encryption key:

Enter your password and save the generated encryption key in a safe location (don’t loose it!!):

When the .key file is generated, the Encryption Enabled and Encryption Key Exists flag are now set as true and in the ribbon some functions for managing this key are now activated:

Now you can start using the native NAV encryption features directly on your C/AL code in a very easy manner, just by calling the methods exposed in the codeunit 1266 – Encryption Management. Here’ s a small sample on how to encrypt and decrypt a sensible data from C/AL:

Some important things to remember if you’ve enabled data encryption in NAV:

• If you’ve multiple service tiers, you’ve to enable encryption from service tier 1, then export the encryption key and import that on the other service tiers (via the Import Encryption Key button on the Data Encryption Management page). If the encryption key is password-protected, NAV will ask you for the password when importing that key.
• If you export NAV encrypted data for importing that on a new NAV instance, you’ve also to export the encryption key and import it on the other NAV instance (or you can’t read that data).