Add option for Email Encryption for OBI report deliveries

Aaron Johnson-40082

Description

Email is not a secure information delivery or storage method with out encryption. When delivering reports that contain PII, this is a risk

Use Case and Business Need

Email is not a secure information delivery or storage method with out encryption. When delivering reports that contain PII, this is a risk. Email however is our only way of automating report deliveries.

Our current work-around is to manually run and download the reports to a secure location, then manually deliver reports via secure email (or restricted folder location), but this could easily be automated, if we could get the option to send reports via encrypted email

Original Idea Number: fd9452ab56

Mary Leigh Rayhab

Hi Aaron ... maybe I'm missing something, but I recently researched this and identified the following knowledge document indicating that TLS is utilized by the OBI scheduling agent.  Knowledge Document: 2019812.1 which states:

Oracle Taleo uses Transport Layer Security (TLS) for email encryption.

• TLS is only engaged if the destination server is also configured to accept or support TLS, and successfully establishes a TLS connection
• If the destination server is not configured for TLS, the message will be sent not encrypted

It may be necessary for you to consult with your internal IT department to ensure that TLS is configured and enabled on the SMTP server used by your IT department for email related operations.

Aaron Johnson-40082

Thank you! I did not find that and Oracle support did not mention this. I don't know if it will work or apply in my case, but at least there is something new to look into.