Database - eWeek

Home

Database

Page 2 - Back to School with Database Encryption 101

	LATEST STORIES
	- Dell Plans to Sell Computer Factories: Repor... - Comcast Sues FCC over Network Neutrality Rul... - OpenAjax Alliance Pushes AJAX IDE Interopera... - Microsoft Plans 4 Security Bulletins for Pat... - NebuAd Abandons DPI Scheme

	BEST OF THE BLOGOSPHERE
	iPhone's Mediocre Battery Life Still Beats Rivals The Android Developer Revolt Google Feels Developers' Pain Nokia Launches Location-Aware Chat Client Parallel Processing Transforming Enterprise Computing

	eWEEK EDITORIAL CALENDAR
	For a list of what eWEEK is covering this year, go to our editorial calendar.


	Killing Botnets: A View From the Trenches from McAfee Using Security Compliance Software to Improve Business Efficiency and Reduce Costs from Symantec Using Web Conferencing to Ensure Successful Enterprise Application Deployment from WebEx Communications See All White Papers >


	Security Solutions Build a Successful Security Strategy As enterprises enable remote workers, promote collaborative tools and increase interdependence on global business partners, security challenges grow. Get up to speed on effective strategies, best practices and tools to keep data, clients, servers and mobile devices safe from threats. Join us on Sept. 17 for this interactive Virtual Tradeshow as industry experts, authorities and your peers share the information you need to build a solid security foundation. Register Now!

How Tech Supports Business Initiatives

Planning For IT Continuity

Enterprise Standards For Mobility

How To Manage Virtualization

What Can Green Do For You?

Back to School with Database Encryption 101

By Lisa Vaas
2004-09-02

Article Views: 1790
Article Rating:

/ 0

Table of Contents:

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Y! My Web

E-mail

Furl

Google

Simpy

Spurl!

PDF Version

Back to School with Database Encryption 101 - ' File Encryption, Database Encryption '
( Page 2 of 3 )

Once deployed, you have to get databases up to standard levels. Sounds basic, doesnt it? "Its astonishing how few people have figured this out for databases," Julian told me. Everybody knows what server software theyre running with xyz patches, what password policies are, etc.

But if youre not auditing databases on an ongoing basis, and making sure theyre up to whatever level of update your enterprise has defined as being its baseline, you dont know how secure your database is, even if youre encrypting the entire database.

Next step, pre-encryption, is to harden systems so that they have secure configurations. That means securing default passwords and IDs to administrator and listener accounts, lest you leave the database wide open.

Some DBAs say theyll spend Labor Day weekend applying Oracles latest, critical patch. Click here to read more.

Intrusion detection comes into play next, to provide real-time protection while youre busy patching all of those databases, serving to alert and shut down an attack before it can cause damage. Thats why its deployed on the network, and thats why it should be deployed on the database.

Encryption is your last line of defense, when theres no patch yet available and theres no signature for identity detection. It will keep somebody whos about to gain root access to your database from actually getting your customers credit card numbers or Social Security numbers, for example.

This is where you get into the question of what to encrypt, and theres no easy answer to that.

Is standard file encryption required with database encryption? When a file system is encrypted, whatever lives inside it—be it database table or text file—is encrypted. Database encryption experts will assure you that theres certainly overhead implied in either case, whether theres the abstraction layer of file encryption or not.

CERT/CCs Manion says they both imply different kinds and different amounts of overhead, depending on what file system youre talking about, what database youre using and what type of database encryption youre using. In other words, the question is impossible to answer without knowing the specifics of a given system setup.

But one way to avoid overhead is to encrypt at the column level in a database table, rather than encrypting anything and everything on a file system.

Securing directories versus securing the database. Depending on whats stored in there, it might make sense to encrypt a directory, Manion says. If youre talking about an internal server that contains internal phone and contact information for an internal staff, and its not exposed to the outside world, it might not be worth the effort to encrypt it. Bear in mind, once you do choose to encrypt, youre adding another layer of logging on and/or passwords. These things dont come free.

Next Page: The tough question of estimating damages post-breach.

Next: ' Estimating Damages ' >>

	Discuss Back to School with Database Encryption 101

	>>> Be the FIRST to comment on this article!



	>>> More Database Articles >>> More By Lisa Vaas

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

FREE ZIFF DAVIS ENTERPRISE ESEMINARS AT ESEMINARSLIVE.COM

Sep 8, 12 p.m. ET
Leveraging Information to Address the Challenges of Today's Unique Economic Environment with Joel Shore. Sponsored by IBM

Sep 9, 1 p.m. ET
Create an Effective SOA Quality Management Strategy with Web 2.0 with Joel Shore. Sponsored by HP

Sep 9, 2 p.m. ET
The New Age of Video Surveillance with Salvatore Salamone. Sponsored by Overland Storage

Sep 10, 12 p.m. ET
Virtualization, Automation and Databases with Joel Shore. Sponsored by Parallels

Sep 10, 1 p.m. ET
Disk-Based Data Protection: iSCSI SAN and Intelligent Data with Aaron Goldberg. Sponsored by Dell EqualLogic & Symantec

Sep 10, 2 p.m. ET
Top Ten Challenges with On-Premise Email Management with Michael Krieger. Sponsored by Dell MessageOne

Sep 11, 2 p.m. ET
Tracking IT Assets with RFID: Time, Money and Accuracy Savings with Aaron Goldberg. Sponsored by CDW

Sep 11, 4 p.m. ET
Reliable: What the True Meaning of Data Protection Should Be with Michael Krieger. Sponsored by InMage

More Upcoming Events!

FEATURED DISCOVERY TOOL

New from Ziff Davis Enterprise, this interactive tutorial provides an immersive educational experience and a guided tour of HP’s broad range of storage solutions. Using the Interactive Discovery Tool, you control the sequence of topics and drill down to the most relevant content for your company’s needs. Each page includes links to insightful white papers, videos, eSeminars, and case studies highlighting the importance of efficient enterprise storage.

Click here to check it out today and take advantage of access to helpful assets that address:

Reducing backup dataset sizes with deduplication

Storage consolidation and virtualization

Optimized file services

Disk-to-tape and disk-to-disk backup and archiving

Visit now!

Sponsors

The New Latitude: Dell’s longest battery life yet.

Spam-proof your business with Google email security

The ROI & TCO of Data Deduplication for Data Protection

Microsoft System Center - Designed For Big

Protect data-HP All-in-One and Disk-Based systems

Meet the demand for green technology with HP desktops

Learn about the software-based VoIP solution from Microsoft.

HP StorageWorks Scalable NAS - Next-gen storage

Get Tech On Tap technical enewsletter from NetApp.

Microsoft Forefront makes defending your systems easier.

Work Less. Deliver More. Try Crystal Reports® Server 2008

Meet Windows Server 2008. The server unleashed.

ShoreTel - Unified Communications Made Easy.

Samsung Flash: www.samsung.com/semi/flash

RCN Metro. The Smart Alternative.

Satellite® Pro Series. Feature-packed, business-ready.

Download the “Best Antivirus Product of 2007”

Videos Sponsored by:

EWEEK E-MAIL NEWSLETTERS bring you reliable, timely information to stay on top of the business of technology -- and technology in business -- and get more out of the Web. Make your choices and start your subscriptions today!

EWEEK RSS NEWS FEEDS contain a daily feed of our latest stories from over 30 different categories including Enterprise Apps, Business Intelligence, Security, VOIP and more!

Subscribe to our RSS feeds today for free...

	Issue Index \| Contact Us \| About \| Advertise \| Magazine Customer Service \| Site Map
	Security: Enterprise Security Network Security Infrastructure Security How To: Data IT Security News Cheap Hack Blog Security Watch Blog Storage: Data Storage Cloud Storage Storage Virtualization Network Access Storage Storage Reviews Data Storage News How To: Storage Storage Station Blog Computing: Apple OSX Linux Systems Windows Vista Managed Print Services Cloud Computing PC Reviews Microsoft Watch Blog Apple Watch Blog Google Watch Blog Communications: VoIP Solutions Wireless Technology Messaging Software Web Services Mobile Applications Wireless News Mobile Reviews Apps & Development: Application Development SAAS Search Engines Database Software Web 2.0 IT Project Management Emerging Tech Blog CIO Insight Blogs CIOs
	Vertical Markets: Federal Government IT Health Care IT Finance IT Mid-Market Channel Partners Careers Blog Value Added Resellers More eWeek Links: Tech Knowledge Center Tech Newsletters Tech RSS Feeds White Papers Tech Podcasts Tech Videos eWeek Magazine Subscriptions Enterprise Websites: ZDE Home Baseline Channel Insider CIO Insight eSeminars eWeek Mid-Market Publish Online Web Buyers Guide Developer Websites: Dev Shed DeveloperShed ASP Free MS DevSource SEO Chat Codewalkers Tutorialized Scripts.com Dev Mechanic Dev Articles Web Hosters Dev Hardware Technology Websites: Device Forge Desktop Linux Linux Devices Windows for Devices iGrep Search Engine PDF Zone Linux Watch
	Use of this site is governed by our Terms of Use and Privacy Policy Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. eWeek is your best source for the latest Technology News. ZDE Cluster 2 hosted by Hostway.