diff --git a/managed_vms/cloudsql/pom.xml b/managed_vms/cloudsql/pom.xml
index 4579dde28c2..988bbfb09ed 100644
--- a/managed_vms/cloudsql/pom.xml
+++ b/managed_vms/cloudsql/pom.xml
@@ -21,6 +21,11 @@
       <version>5.1.38</version>
     </dependency>
     <!-- [END dependencies] -->
+    <dependency>
+      <groupId>org.jasypt</groupId>
+      <artifactId>jasypt</artifactId>
+      <version>1.9.2</version>
+    </dependency>
   </dependencies>
   <build>
     <!-- for hot reload of the web application -->
diff --git a/managed_vms/cloudsql/src/main/java/com/example/managedvms/cloudsql/CloudSqlServlet.java b/managed_vms/cloudsql/src/main/java/com/example/managedvms/cloudsql/CloudSqlServlet.java
index c4bdd569f4d..ca50da04b45 100644
--- a/managed_vms/cloudsql/src/main/java/com/example/managedvms/cloudsql/CloudSqlServlet.java
+++ b/managed_vms/cloudsql/src/main/java/com/example/managedvms/cloudsql/CloudSqlServlet.java
@@ -16,6 +16,8 @@
 
 package com.example.managedvms.cloudsql;
 
+import org.jasypt.util.text.BasicTextEncryptor;
+
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.sql.Connection;
@@ -40,12 +42,18 @@ public class CloudSqlServlet extends HttpServlet {
   @Override
   public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException,
       ServletException {
+    // encrypt user ip using PBEWithMD5AndDES
+    BasicTextEncryptor encryptor = new BasicTextEncryptor();
+    encryptor.setPassword(Double.toString(10000*Math.random()));
+    String userIp = encryptor.encrypt(req.getRemoteAddr());
+
     final String createTableSql = "CREATE TABLE IF NOT EXISTS visits ( visit_id INT NOT NULL "
         + "AUTO_INCREMENT, user_ip VARCHAR(46) NOT NULL, timestamp DATETIME NOT NULL, "
         + "PRIMARY KEY (visit_id) )";
     final String createVisitSql = "INSERT INTO visits (user_ip, timestamp) VALUES (?, ?)";
     final String selectSql = "SELECT user_ip, timestamp FROM visits ORDER BY timestamp DESC "
         + "LIMIT 10";
+
     PrintWriter out = resp.getWriter();
     resp.setContentType("text/plain");
     String url = System.getenv("SQL_DATABASE_URL");
@@ -58,7 +66,7 @@ public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOExc
       try (ResultSet rs = conn.prepareStatement(selectSql).executeQuery()) {
         out.print("Last 10 visits:\n");
         while (rs.next()) {
-          String userIp = rs.getString("user_ip");
+          userIp = rs.getString("user_ip");
           String timeStamp = rs.getString("timestamp");
           out.print("Time: " + timeStamp + " Addr: " + userIp + "\n");
         }
diff --git a/managed_vms/cloudstorage/src/main/java/com/example/managedvms/cloudstorage/UploadServlet.java b/managed_vms/cloudstorage/src/main/java/com/example/managedvms/cloudstorage/UploadServlet.java
index e1f522e9ec4..2f9a3715e5e 100644
--- a/managed_vms/cloudstorage/src/main/java/com/example/managedvms/cloudstorage/UploadServlet.java
+++ b/managed_vms/cloudstorage/src/main/java/com/example/managedvms/cloudstorage/UploadServlet.java
@@ -52,6 +52,8 @@ public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOEx
       ServletException {
     final Part filePart = req.getPart("file");
     final String fileName = filePart.getSubmittedFileName();
+
+    // Modify access list to allow all users with link to read file
     List<Acl> acls = new ArrayList<>();
     acls.add(Acl.of(Acl.User.ofAllUsers(), Acl.Role.READER));
     // the inputstream is closed by default, so we don't need to close it here
@@ -60,6 +62,8 @@ public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOEx
             BlobInfo.builder(BUCKET_NAME, fileName).acl(acls).build(),
             filePart.getInputStream());
     blobInfo = storage.get(BUCKET_NAME, fileName);
+
+    // return the public download link
     resp.getWriter().print(blobInfo.mediaLink());
   }
 }
diff --git a/managed_vms/datastore/pom.xml b/managed_vms/datastore/pom.xml
index cf0702e3143..6d9ff7ebebc 100644
--- a/managed_vms/datastore/pom.xml
+++ b/managed_vms/datastore/pom.xml
@@ -14,13 +14,18 @@
       <type>jar</type>
       <scope>provided</scope>
     </dependency>
-    <!-- [START dependencies] -->  
+    <!-- [START dependencies] -->
     <dependency>
       <groupId>com.google.gcloud</groupId>
       <artifactId>gcloud-java-datastore</artifactId>
       <version>0.1.3</version>
     </dependency>
     <!-- [END dependencies] -->
+    <dependency>
+      <groupId>org.jasypt</groupId>
+      <artifactId>jasypt</artifactId>
+      <version>1.9.2</version>
+    </dependency>
   </dependencies>
   <build>
     <!-- for hot reload of the web application -->
@@ -62,7 +67,11 @@
           <failsOnError>true</failsOnError>
         </configuration>
         <executions>
-          <execution><goals><goal>check</goal></goals></execution>
+          <execution>
+            <goals>
+              <goal>check</goal>
+            </goals>
+          </execution>
         </executions>
       </plugin>
       <plugin>
diff --git a/managed_vms/datastore/src/main/java/com/example/managedvms/datastore/DatastoreServlet.java b/managed_vms/datastore/src/main/java/com/example/managedvms/datastore/DatastoreServlet.java
index bc1955395ce..ad29093e2cd 100644
--- a/managed_vms/datastore/src/main/java/com/example/managedvms/datastore/DatastoreServlet.java
+++ b/managed_vms/datastore/src/main/java/com/example/managedvms/datastore/DatastoreServlet.java
@@ -27,6 +27,8 @@
 import com.google.gcloud.datastore.QueryResults;
 import com.google.gcloud.datastore.StructuredQuery;
 
+import org.jasypt.util.text.BasicTextEncryptor;
+
 import java.io.IOException;
 import java.io.PrintWriter;
 
@@ -44,17 +46,25 @@ public class DatastoreServlet extends HttpServlet {
   @Override
   public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException,
       ServletException {
+    // encrypt user ip using PBEWithMD5AndDES
+    BasicTextEncryptor encryptor = new BasicTextEncryptor();
+    encryptor.setPassword(Double.toString(10000*Math.random()));
+    String userIp = encryptor.encrypt(req.getRemoteAddr());
+
     Datastore datastore = DatastoreOptions.defaultInstance().service();
     KeyFactory keyFactory = datastore.newKeyFactory().kind("visit");
     IncompleteKey key = keyFactory.kind("visit").newKey();
+
     // Record a visit to the datastore, storing the IP and timestamp.
     FullEntity<IncompleteKey> curVisit = FullEntity.builder(key)
-        .set("user_ip", req.getRemoteAddr()).set("timestamp", DateTime.now()).build();
+        .set("user_ip", userIp).set("timestamp", DateTime.now()).build();
     datastore.add(curVisit);
+
     // Retrieve the last 10 visits from the datastore, ordered by timestamp.
     Query<Entity> query = Query.entityQueryBuilder().kind("visit")
         .orderBy(StructuredQuery.OrderBy.desc("timestamp")).limit(10).build();
     QueryResults<Entity> results = datastore.run(query);
+
     resp.setContentType("text/plain");
     PrintWriter out = resp.getWriter();
     out.print("Last 10 visits:\n");