Database encryption has gradually worked its way up the priority list for today's IT director. Firewalls and application security are no longer enough to protect businesses and data in the modern-day, open and complex IT environment. Mitigating this risk and complying with numerous emerging regulations are two principal drivers that are forcing database encryption onto the IT director's agenda. Here, Knowledge Center contributor Christian Kirsch explains how these challenges can be overcome and advises on best practices for database encryption.
businesses today are struggling to overcome the numerous challenges
associated with database encryption. Organizations today are most
concerned about key management, regarding it as the biggest challenge
in database encryption. Enterprises are also grappling with issues such
as how to separate database and security management, how to control the
usage and copying of keys, and how to prove data security to the
Advanced security through database encryption is required across
many different sectors and is increasingly needed to comply with
regulatory mandates. The public sector, for example, uses database
encryption to protect citizen privacy and national security. Initiated
originally in the United States, many governments now have to meet
policies requiring Federal Information Processing Standard (FIPS)
validated key storage.
For the financial services industry, it is not just a matter of
protecting privacy but also complying with regulations such as the
Payment Card Industry Data Security Standard (PCI DSS). This creates
policies that not only define what data needs to be encrypted and how,
but also places some strong requirements on keys and key management. In
fact, Requirement 3 of PCI version 1.2
(that is, to protect stored cardholder data) seems to be one of the more difficult aspects with which to comply.
One approach that can help companies address the encryption
challenges associated with regulation is the "defense in depth"
principle, which advocates many layers to strong security-ranging from
physical security and access controls, to rights assignment and network
security (including firewalls and, crucially, encryption of data both
at rest and in transit).
Strong security is all about reducing the attack surface available
to hackers and malicious users. If one method of attack is deemed too
difficult, they will attempt to move on and exploit another weakness.
Overcoming key management issues
It is important that database encryption is accompanied by key
management; however, this is also the main barrier to database
encryption. It is well-recognized that key use should be restricted and
that key backup is extremely important. However, with many silos of
encryption and clusters of database application servers, security
officers and administrators require a centralized method to define key
policy and enforce key management.
Yet, just a relatively small number of Hardware Security Modules
(HSMs) in the same security world can manage keys across a large
spectrum of application servers, physical servers and clusters. Such a
centralized strategy reduces total operational costs due to the
simplification of key management. With data retention policies in some
industries requiring storage for seven years or more, retaining
encrypted data means that organizations need to be certain that they
are also managing the storage of the key that encrypted that data.
An additional best practice rule of encryption is that the encrypted
key should never be stored alongside the data it was used to
encrypt. Placing encryption keys within the HSM enforces this
policy. Furthermore, hardware can better protect encryption keys, as
the application never handles the key directly, the encryption key
never leaves the device, and the key cannot be compromised on the host
system. As a result, unauthorized employees or data thieves cannot
access the key material or the cryptographic functions and operations
that use keys.