Database Encryption

Details :
We have implemented Database encryption known as Transparent Data encryption.it is most critical and native solution available by leading database companies. It is implemented at file level.It helps to solve the problems like saving the data during rest. It protects the DB file at local/server drives and also most important during backup taken on media.
DB saved on local HDD or backup media are prone for theft as there is no protecting as any hacker can retrieve the data on other devices for data theft/transfer. This implementation solves all mentioned issues. Encryption applies on the identified DB fields having personally identifiable information. Basis on the critically it has been implemented on Oracle and SQL databases by command line parameters.


Challenges / Hurdles while implementation
Initially we had too much resistance by App owner on implementation, They were not sure on Application functionality.
App Owner and Users were not ready to allow implement DB encryption.
TDE is OS level encryption which does not have any impact on application functionality. Instead of Data masking , we opted for DB encryption at OS level within native feature.


Benefits :
We have met the Audit and compliance requirement by database encryption implementation.
The key purpose achieved is to protect data being stored from misuse or malicious intent, This enables data protection for all the confidential and important business and application data of the customers.
Also encryption of critical databases is for prevention by theft , mis-use and hacking.
Lastly for Information Security.

Key Business Drivers:
Data Protection – One of the major Key factor to implement the Database encryption is data protection on all the customer / user data saved in the Database
Audit and Compliance – As a part of requirement, it was recommended to apply database encryption on all the critical database hosted in the organization. Compliances such as PCIDSS is also covered.
Authorized Access/Hacking – Since company’s data is the atmost critical data to drive the over all business, hence most key driver to implement this technology project is to ensure that it is safeguarded by hackers or any internal /external users or to prevent all kind of mischief or data theft.


Tech Links
https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-ver15

https://docs.oracle.com/database/121/ASOAG/introduction-to-transparent-data-encryption.htm#ASOAG10117

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform