Formstack Blog

Here to Help: Securing Your Form with Data Encryption

“Here to Help” is a support column written especially for Formstack’s awesome, loyal customers. This post is part of a four-post series on web form security.

If you use (or are planning to use) Formstack to gather and store sensitive, identifying data like social security numbers or credit card information, form encryption is a must! In fact, we take this so seriously that we require you to enable data encryption if you are collecting this type of information with your online forms.

Formstack provides two ways to encrypt your sensitive data:

  1. PGP encryption for data sent via email
  2. Data encryption for data stored in Formstack’s online database

In this post, I’ll cover each in full detail. Read on to find out how to keep your information secure!

PGP Encryption

PGP stands for Pretty Good Privacy, and it’s a widely used computer program that encrypts and decrypts messages sent over the Internet. If you are collecting sensitive information and routing that information via email, you need to set up PGP encryption on your notification emails.

A lot of email applications offer PGP support through third-party PGP programs. Below are the free plugins available for a few popular email applications. More complete lists of free PGP programs for different clients can be found here and here.

To enable PGP email encryption on your form, follow these steps:

To ensure your PGP encryption setup goes smoothly, keep these things in mind:

Data Encryption

Data encryption, in this case, refers to the encryption of data stored in the online Formstack database. This database encryption works by generating public and private keys that are stored with your form and require you to set an encryption password.

The public key encrypts the data saved in the database, the private key decrypts the data, and the password you set encrypts the private key. Your encryption password is not saved on the server in plain text, so no one can access or decrypt the information without knowing your encryption password.

To enable database encryption on your form, follow these steps:

To ensure your data encryption setup goes smoothly, keep these things in mind:

To learn more about Formstack’s other web form security features, click below to dive into part one of this security series.