Author: Ulf T. Mattsson, Chief Technology Officer, Protegrity Corporation.
OVERVIEW
There are three commonly accepted baseline implementation and function requirements for a successful data encryption solution. However, each system-layer approach delivers an encrypted solution in a different manner and addresses a multitude of different requirements. These requirements are divided into critical requirements, the “must-haves” for a solution to effectively secure the data, and practical requirements, the factors that make it feasible for an enterprise to deploy a solution.
The three different approaches reviewed in this paper are:
· Application-Layer
· Database-Layer
· Storage-Layer
The Application-Layer and Storage-Layer methods are known to be problematic in the areas of both critical and practical functional requirements. To date, only the Database-Layer method has proven to deliver all of the critical and practical functional requirements.
INTRODUCTION
DATABASE ATTACKS CAN HAVE SEVERE ECONOMIC CONSEQUENCES
Database attacks are rising, and they can result in the loss or compromise of information critical to running your business day-to-day, from inventory and billing data to customer data and human resources information. In addition, databases are holding increasing amounts of sensitive information on behalf of your customers — financial records, healthcare histories, order histories, credit card and Social Security numbers. Any loss will be an operational and customer relationship disaster as well as a financial nightmare. Do you know how many employees have access to your databases? If you are using passwords for administrators, how are those passwords being stored? Do you have security policies in place that include auditing your database security and monitoring for suspicious activity?