Marketers / Marketing Cloud / Security

Securely Transfer Data to Marketing Cloud Personalization (Interaction Studio) with PGP Encryption

By Jakub Dabkowski

Salesforce Interaction Studio (now known as Marketing Cloud Personalization), is Salesforce’s real-time personalization and interaction management solution that’s part of Salesforce Marketing Cloud. You can use both online and offline customer data to power personalized experiences on web, email, and more. 

In my previous article, “Data Transfer Into Salesforce Interaction Studio (via CSV)”, we learned about transferring data from an external system to Interaction Studio using an SFTP account. This article will delve deeper into the topic and explore the importance of securely transferring data.

Why is Transfering CSV Files Securely Important?

CSV files often contain valuable information and are famous for businesses to store and exchange data. However, they can also be vulnerable to unauthorized access or tampering if not protected appropriately. 

PGP encryption is a way to keep your information safe when sending it to someone else or storing it. Think of it as putting a message inside a locked box; only the person you’re sending it to has the key to open that box.

PGP uses two ‘keys’ for this process: public and private keys. The public key is like the lock on the box; anyone can use it to lock the box (encrypt the message), but they can’t use it to unlock the box (decrypt the message).

The private key is like the key to the lock; only the private key can open the box and read the message inside.

So, when sending someone a secure message, you should use their public key to lock the box (encrypt the message). Only the intended recipient with the corresponding private key can unlock the box (decrypt the message) and read its contents. This way, even if someone intercepts the locked box, they won’t be able to open it and read the message inside without the private key.

If you are familiar with file encryption, let’s encrypt a CSV file and see how Interaction Studio manages it in three simple steps.

Step 1: Download the PGP Public Key

To obtain the public key, visit Salesforce Help and locate it on the page. Once you have found it, copy the key into a text file using your preferred editor, but ensure that you are using the text mode and not the WYSIWYG mode. I prefer to use the VIM editor for this task, but I have an old-school approach.

To ensure that the file with the Interaction Studio public key is recognized, add the ‘.asc’ file extension. For example, I have named my file interaction_studio_public_key.asc.

Step 2: Encrypt Your Files with Python

Why use Python? Python is an excellent programming language for marketing automation specialists because it is easy to learn, versatile, and has many libraries and tools to help automate repetitive tasks, analyze data, and create custom solutions. 

We can use it for web scraping, data cleaning, data visualization, and machine learning. Additionally, Python has a large and active community, which means plenty of resources and support are available for users. If you want to learn new tricks, you can use ChatGPT for it, and it will give you mostly correct code…

If you want, feel free to use my code or create your own.

The encrypt_file function takes three parameters: 

  • The file_path is the path to the file you want to encrypt.
  • The key_path is the path to the public key used for encryption.
  • The output_path is where the encrypted file will be saved.

Initially, the function checks if the file and key specified by the paths provided exist. If not, it logs an error and returns without doing anything. It then loads the public key and checks if it’s a valid public key, logging an error if it’s not. It then reads in the file to be encrypted as a byte stream and encrypts it using the public key, generating an encrypted message. 

This encrypted message is then written to the output_path as a byte stream. If anything goes wrong during this process, the function catches the exception and logs an error message, noting that an error occurred during file encryption.

We will import a CSV file into Salesforce Personalization using UserETL. The file contains data about our customers and is named user-2023-05-27_18-00-00.csv.

We can execute this function using the following code:

Step 3: Transfer Your File to the SFTP Account

After the process is complete, you will receive an encrypted file. To confirm, please open the file using your text editor. You should see something like this:

If you cannot identify the original file, that’s great news! It implies that without the private key (which is only accessible to Salesforce), the file cannot be decrypted. However, there’s no need to worry because Interaction Studio can decrypt it since they have access to the key.

In the next step, open your preferred FTP client and use your login credentials to connect to the Interaction Studio FTP account. Once connected, navigate to the ‘inbound’ folder and copy your file. Afterward, allow approximately 10 minutes for the process to complete.


Great news! You have successfully learned how to encrypt your files using Python and the public key from Salesforce Interaction Studio (Marketing Cloud Personalization). 

You can also automate this process in the production environment with the Python code. It means you can rest easy knowing that your sensitive PII is protected and won’t be compromised.

The Author

Jakub Dabkowski

Jakub has had an extensive and varied career in marketing automation, gaining expertise in various platforms, including Salesforce Marketing Cloud and Pardot.

Leave a Reply

24th - 27th November


50% off

all courses