8

Recently I've been working on some data which, although not directly governed by any infosec laws, is sensitive enough to warrant being encrypted. I'm interested in finding out about best practices with regard to storage of such data, in particular whether encryption is best implemented at the OS / filesystem level or at the database level.

What are the pros and cons of these two approaches in terms of security, scalability, and accessibility, and is either one of these approaches inherently better than the other?

The particular application I'm working on is a webapp, and it should go without saying that the data will need to be transmitted over HTTPS, since storing data in a secure fashion is pointless when it is transmitted over an open connection.

Richard Keller

1 Answer

6

The encryption you use depends on the risk you're trying to mitigate. File/disk encryption is typically used to protect against theft of the physical media, i.e. they won't be able to access the content as it's encrypted. For a web application this doesn't provide any additional protection, so protection of the data within the database may make more sense.

If a malicious external user manages to dump the database, they'll only have access to encrypted data (and hopefully not the encryption/decryption keys) and your encryption control has been a success. Alternatively, if the end user manipulates the application to extract data from the database in decrypted form (which the application must be able to do) then the encryption control hasn't mitigated that particular risk!

Also, as you likely only want to encrypt some of the data, doing that at a database column level should provide minimal overhead.

AndyMac
  • 2
    However, the web application by definition needs to have access to the decryption keys (unless you're using something like an HSM). So encryption of values themselves might not help you in this case. – Stephen Touset May 02 '13 at 21:24
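
The trade-off discussed in the answer and comment above, as an added example that is not part of the original thread: application-side column encryption with AES-256-GCM, where a database dump exposes only ciphertext while the application's own read path still returns plaintext. The `patients` table, its column names and the in-memory key are hypothetical; the rows are constructed sample data standing in for a real database.

```javascript
const crypto = require('node:crypto');

// Assumption: in production this key comes from a KMS/HSM or secret store
// available to the application, and is never stored in the database itself.
const columnKey = crypto.randomBytes(32);

// Encrypt one column value. The AAD binds the ciphertext to its table,
// column and row, so it cannot be moved to another row unnoticed.
function encryptField(key, table, column, rowId, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every value
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(`${table}.${column}:${rowId}`));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

// Reverse of encryptField: layout is 12-byte IV, 16-byte tag, ciphertext.
function decryptField(key, table, column, rowId, stored) {
  const raw = Buffer.from(stored, 'base64');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(`${table}.${column}:${rowId}`));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// Constructed stand-in for a table: only the sensitive column is encrypted.
const patients = [
  { id: 1, name: 'alice', notes: encryptField(columnKey, 'patients', 'notes', 1, 'allergy: penicillin') },
  { id: 2, name: 'bob', notes: encryptField(columnKey, 'patients', 'notes', 2, 'no known allergies') },
];

// What a party holding only a copy of the database sees: ciphertext, no key.
function dumpTable() {
  return JSON.stringify(patients);
}

// What the application returns. Whoever can drive this code path receives
// plaintext, which is the risk column encryption does not mitigate.
function readNotes(id) {
  const row = patients.find((r) => r.id === id);
  return decryptField(columnKey, 'patients', 'notes', row.id, row.notes);
}

// Ciphertext copied from row 1 into row 2 fails authentication (AAD differs).
function swappedRowDecrypts() {
  try { decryptField(columnKey, 'patients', 'notes', 2, patients[0].notes); return true; }
  catch (e) { return false; }
}
```
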