How to Protect Sensitive Data Using Database Encryption

Database encryption has gradually worked its way up the priority list for today's IT director. Firewalls and application security are no longer enough to protect businesses and data in the modern-day, open and complex IT environment. Mitigating this risk and complying with numerous emerging regulations are two principal drivers that are forcing database encryption onto the IT director's agenda. Here, Knowledge Center contributor Christian Kirsch explains how these challenges can be overcome and advises on best practices for database encryption.


Many businesses today are struggling to overcome the numerous challenges associated with database encryption. Organizations today are most concerned about key management, regarding it as the biggest challenge in database encryption. Enterprises are also grappling with issues such as how to separate database and security management, how to control the usage and copying of keys, and how to prove data security to the auditor.

Advanced security through database encryption is required across many different sectors and is increasingly needed to comply with regulatory mandates. The public sector, for example, uses database encryption to protect citizen privacy and national security. Initiated originally in the United States, many governments now have to meet policies requiring Federal Information Processing Standard (FIPS) validated key storage.

For the financial services industry, it is not just a matter of protecting privacy but also complying with regulations such as the Payment Card Industry Data Security Standard (PCI DSS). This creates policies that not only define what data needs to be encrypted and how, but also places some strong requirements on keys and key management. In fact, Requirement 3 of PCI version 1.2 (that is, to protect stored cardholder data) seems to be one of the more difficult aspects with which to comply.

One approach that can help companies address the encryption challenges associated with regulation is the "defense in depth" principle, which advocates many layers to strong security-ranging from physical security and access controls, to rights assignment and network security (including firewalls and, crucially, encryption of data both at rest and in transit).

Strong security is all about reducing the attack surface available to hackers and malicious users. If one method of attack is deemed too difficult, they will attempt to move on and exploit another weakness.

Overcoming key management issues

It is important that database encryption is accompanied by key management; however, this is also the main barrier to database encryption. It is well-recognized that key use should be restricted and that key backup is extremely important. However, with many silos of encryption and clusters of database application servers, security officers and administrators require a centralized method to define key policy and enforce key management.

Yet, just a relatively small number of Hardware Security Modules (HSMs) in the same security world can manage keys across a large spectrum of application servers, physical servers and clusters. Such a centralized strategy reduces total operational costs due to the simplification of key management. With data retention policies in some industries requiring storage for seven years or more, retaining encrypted data means that organizations need to be certain that they are also managing the storage of the key that encrypted that data.

An additional best practice rule of encryption is that the encrypted key should never be stored alongside the data it was used to encrypt. Placing encryption keys within the HSM enforces this policy. Furthermore, hardware can better protect encryption keys, as the application never handles the key directly, the encryption key never leaves the device, and the key cannot be compromised on the host system. As a result, unauthorized employees or data thieves cannot access the key material or the cryptographic functions and operations that use keys.