Encryption – Final Thoughts
Database encryption can be performed at a number of levels.
- Encrypt the drive(s) on which the database is hosted
- Encrypt the entire database
- Encrypt the data before sending it to the database
- Encrypt the data inside the database itself
- Encrypt backups
All of these techniques are effective and serve different purposes. I like to start with external encryption. I prefer to have binary data types for encrypted data in the database, encrypt the data using external tools, and then insert it as binary into the database. The data is never at rest in an unencrypted state.
This technique has the following benefits:
- It assures that anyone gaining access to the database directly cannot view the original contents
- It scales out. Encryption performed outside of the database allows the database server to perform data services without the overhead of encryption
- You may not have to worry about encrypting backups: the protected data is already encrypted in the existing database
- Internet-facing web systems do not pass data around in unencrypted form, making it more difficult for hackers to capture
Exact searches may be done by encrypting the search criteria and comparing them to the binary values in the database. For encrypted data such as a Government Issued ID or Credit Card Number, an exact match is usually desirable.
Working with credit card numbers, I have seen systems storing the first N digits in clear text, while the entire contents are stored in encrypted form. This allows for searches with a partial number. You may have seen something similar to this in online shopping when you use a credit card already stored on the site. The site prompts you with some digits from your card number so you can verify it, but not enough for someone to steal it.
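The exact-match and partial-number searches described above, as an added example that is not code from the original post. Comparing ciphertexts only works when the encryption is deterministic, so this sketch swaps in a keyed HMAC-SHA256 search token stored as binary beside the ciphertext; the table layout, the function names, and N = 6 are assumptions.

```python
import hashlib
import hmac
import secrets
import sqlite3

PREFIX_LEN = 6  # assumed value for the page's "first N digits"
INDEX_KEY = secrets.token_bytes(32)  # demo key; separate from the encryption key

def normalize(pan):
    """Drop spaces and dashes so one card always maps to one token."""
    digits = pan.replace(" ", "").replace("-", "")
    if not (digits.isascii() and digits.isdigit() and 12 <= len(digits) <= 19):
        raise ValueError("not a plausible card number")
    return digits

def search_token(pan, key=INDEX_KEY):
    """Deterministic keyed hash of the number, stored and compared as binary."""
    return hmac.new(key, normalize(pan).encode(), hashlib.sha256).digest()

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cards (id INTEGER PRIMARY KEY, pan_ct BLOB NOT NULL,"
                 " pan_token BLOB NOT NULL, pan_prefix TEXT NOT NULL)")
    conn.execute("CREATE INDEX cards_token ON cards (pan_token)")
    return conn

def add_card(conn, pan, ciphertext):
    """ciphertext: output of the external encryption tool for this pan."""
    cur = conn.execute(
        "INSERT INTO cards (pan_ct, pan_token, pan_prefix) VALUES (?, ?, ?)",
        (ciphertext, search_token(pan), normalize(pan)[:PREFIX_LEN]))
    return cur.lastrowid

def find_exact(conn, pan):
    rows = conn.execute("SELECT id FROM cards WHERE pan_token = ?", (search_token(pan),))
    return [r[0] for r in rows]

def find_by_prefix(conn, digits):
    if not (digits.isascii() and digits.isdigit()) or len(digits) > PREFIX_LEN:
        raise ValueError("partial search only covers the clear-text digits")
    rows = conn.execute("SELECT id FROM cards WHERE pan_prefix LIKE ? ORDER BY id", (digits + "%",))
    return [r[0] for r in rows]

def demo():
    """Constructed test numbers; random bytes stand in for the external ciphertext."""
    conn = open_db()
    for pan in ("4111 1111 1111 1111", "4111-1100-0000-0005", "5500 0000 0000 0004"):
        add_card(conn, pan, secrets.token_bytes(48))
    return find_exact(conn, "4111111111111111"), find_by_prefix(conn, "4111")
```

The token key should be held with the application's other secrets and kept distinct from the encryption key, so that a copy of the database alone is not enough to test guessed card numbers against the token column.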
There’s much more to be said about encryption techniques. Feel free to share your insights by making comments below or sending an Email to btaylor@sswug.org.
Cheers,
Ben