How to Use the Licenseware Encryptor

The Licenseware Encryptor is a powerful PowerShell script designed to help you anonymize sensitive data within your Excel (.xlsx) and CSV (.csv) files. It uses a one-way hashing method to obfuscate data in user-specified columns, ensuring that Personally Identifiable Information (PII) is protected while maintaining data relationships for analysis.

This tool is ideal for when you need to share data with Licenseware or other third parties for analysis without exposing sensitive information.

Overview

The Licenseware Encryptor script automates the process of data obfuscation. Here’s a brief overview of what it does:

• Scans for Files: It processes all .xlsx and .csv files located in a designated Input folder.

• Identifies Columns: The script identifies which columns to obfuscate by looking for the tag (encrypt) in the column header.

• Hashes Data: It uses a user-provided secret key (a "salt") to perform a one-way SHA-256 hash on the data in the tagged columns. This process is irreversible.

• Maintains Consistency: The same data value (e.g., the name "John Smith") will always be hashed into the exact same obfuscated value, ensuring that data relationships are preserved across all files.

• Generates Outputs: The script creates an Output folder containing:

  1. The newly generated files, prefixed with ENCRYPTED_.

  2. A _KeyMap.csv file, which serves as a "vlookup" table mapping the original values to their hashed counterparts.

Before You Begin (Prerequisites)

To get started, you will need the following:

1. The Script File

The script is available upon request. Please contact your Licenseware representative to receive the latest version.

2. System Requirements

• A Windows machine with PowerShell 5.1 or later. (This is standard on Windows 10 and 11).

3. Install the ImportExcel Module

The script relies on a trusted, third-party PowerShell module to handle Excel files. Before running the script for the first time, you must install this module.

1. Open PowerShell.

2. Copy and paste the following command and press Enter:

Install-Module -Name ImportExcel -Scope CurrentUser -Force

This is a one-time setup. You will not need to do this again on the same machine.

Step-by-Step Guide

Follow these steps to set up and run the Licenseware Encryptor.

Step 1: Create Your Folder Structure

1. Create a main folder for this process (e.g., C:\DataScrubber).

2. Save the Obfuscate-Data.ps1 script inside this main folder.

3. Inside the main folder, create a new subfolder and name it exactly Input.

Your folder structure should look like this:

C:\Encryptor\
|
|--- Licenseware_Encryptor.ps1  (The script)
|
\--- Input\              (Your source files go here)

Step 2: Prepare Your Data Files

1. Place all the Excel and CSV files you need to process into the Input folder.

2. Open each file and identify the columns containing sensitive data.

3. In the header row of each file, append the tag (encrypt) to the end of the column name for every column you wish to obfuscate. E.g.:
   

• Before: Manufacturer

• After: Manufacturer (encrypt

Step 3: Run the Script

Open a PowerShell window.

Navigate to the main folder you created in Step 1 using the cd command, e.g.:

cd C:\Encrytpor

Run the script using the following command. The -ExecutionPolicy Bypass flag is used to ensure the local script is allowed to run on your system.

powershell.exe -ExecutionPolicy Bypass -File ".\Licenseware_Encryptor.ps1"

Step 4: Enter Your Secret Key (Salt)

The script will now display the Licenseware Encryptor banner and prompt you to enter your secret key.

⚠️ Important: This key is critical. It is used as a "salt" for the hashing process.

• The key must be 8-20 characters long.

• It must be alphanumeric (letters and numbers only). No special characters or spaces.

• You must remember this key. If you need to obfuscate more files in the future and want the values to match, you will need to use the exact same key. Losing this key means the _KeyMap.csv is the only way to identify the original data.

Step 5: Review the Output

The script will process your files and automatically create an Output folder. Inside, you will find:

• ENCRYPTED_ files: Your original files, now with the specified data obfuscated and the (encrypt) tags removed from the headers.

• _KeyMap.csv: A two-column file containing the OriginalValue and its corresponding ObfuscatedValue. This is your lookup key. Guard it carefully.

Troubleshooting

"File cannot be loaded... not digitally signed" Error

This is the most common issue and is caused by PowerShell's security policies. If the Bypass command in Step 3 fails, you can set the policy for your user account with these one-time steps:

1. Click the Start Menu and type "PowerShell".

2. Right-click "Windows PowerShell" and select "Run as administrator".

3. In the admin window, run this command:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

1. It may ask for confirmation. Type Y and press Enter.

2. Close the administrator window. You can now run the script from a normal PowerShell window using just .\Obfuscate-Data.ps1.

How It Works (Technical Details)

• Hashing Algorithm: The script uses SHA-256, a one-way cryptographic hash function. This is an industry standard for creating a unique and irreversible "fingerprint" of data.

• Salting: Your secret key is used as a salt. This means it is added to your data before hashing. This technique protects the obfuscated data against dictionary and rainbow table attacks, making it significantly more secure.

Getting Support

If you encounter any issues or have questions about the Licenseware Encryptor, please don't hesitate to reach out.

• Email: support@licenseware.io

• Help Center: https://help.licenseware.io