you could also plaintext store it and hide it on the form. You already have security with netsuite so you're just doing security ontop of security that point but people are beyond paranoid these days so thats probably not a valid solution