> Firstly, to keep the data contents safe should your system ever be
> hacked. There have been cases where data fell into the wrong hands. If
> that data is in the wrong hands, should it be easily used? Those of us
> who work in some federal govt sites now have a requirement to encrypt
> personal information. Should a hacker gain access to credit cards,
> social security numbers, etc., there are no problems if the data is
> encrypted, unless you left the decryption keys out in the open too. No
> matter how secure your database is, there will always be holes and
> exploits that can be used to gain unwanted access. Encryption is the
> next line of defense after good security policies.
All that is valid if you have some form of access control to your encryption
keys which is more secure than the username/password security typically
available in the OS and database. Maybe my experience is limited but some
(many?) database encryption systems rely only on password-based encryption
with password policies no better than those offered by Windows. I realize
that better options are available but I wanted to understand whether the OP
had some particular requirement in mind or just made an assumption that an
encrypted database was inherently more secure than a non-encrypted one.
--
David Portas
SQL Server MVP
--
Received on Mon Mar 01 2004 - 15:48:11 CST
