Database security checklist

Are you worried about your data being stolen by employees, rivals, your boss or hackers? Then it is a time to prepare database security checklist and protect data of your database.

Database-encryption technology is very much familiar in recent years. But you can't encrypt everything in your database. For example indexed fields can't be encrypted because your database-management software will sort the encrypted strings in hexadecimal values, which are different from real, unencrypted form. So your index, which is supposed to speed access to the data by preordering it, won't work. Even if you could relate the encrypted index field to the original data, it is very difficult to match the collation. Until databases support encryption, encrypted indices will be a problem.

Things to remember

Always remember that any indices generated from encrypted fields won't be valid, either. And because these fields don't relate to the actual data, it'll be harder for the database administrator and developer to debug problems. 

As a matter of fact, unless you have a mechanism to decrypt your database data on the fly, any query that uses encrypted fields to search or order data will cause trouble. Sybase,a database software lets you create encrypted databases. Sybase offers helpful tips for the problem to get solved.

How to manage disk space?

Major issue is the disk space, with database encryption, because encrypted fields are larger than unencrypted fields. Text data is little larger, and a lot larger for numeric and binary data--data in a numeric field, for example, gets encrypted one byte at a time and grows to two bytes when it's encrypted. RAID arrays, SANs and network-attached storage devices give you plenty of space, unless you have a massive database of millions of rows, each row with hundreds of bytes.

Many times database-encryption mechanisms present encrypted data as characters, single character per hexadecimal digit. What really matters is When encrypted, a 4-byte integer becomes an 8-byte character string. Most encryption algorithms use 64-bit DES, so your 4-byte (32-bit) integer becomes a string of 16 encrypted characters. It means that when building your disk capacity for database encryption, be prepared for increase in your data size i.e your data will triple or quadruple in size. So always remember that you have sufficient logical-memory space.

Always remember , that encryption expands your data size. To allow it, increase the size of the field so the column is larger, and change the field type to accommodate the encrypted data. Numeric fields, then would be changed to character fields large enough to store encrypted data.

Never encrypt everything

Never encrypt everything. Just ignore that doesn't require. Encrypt a credit-card number, but don't give importance to encrypt your customer's name and address. It will save your disk space and boost the performance of the system.

If you run a mega database system, the need of encryption and decryption must be classified, always encrypt the data accordingly, to increase the performance and the speed. Consult your database-encryption vendor for encryption-acceleration tools which work with its product. Many database-encryption vendors have relationships with acceleration-tool suppliers.

Security is the most talk about threat for Internet now a day. With new security challenges emerging everyday, protecting valuable data needs advanced solutions which can effectively reduced the threats to the security and manage risk.

nCipher's security products

nCipher's security products can be easily integrated with custom security application deployments and easily bundled with most of the leading commercial security software products.

nCipher's products protects valuable information, ensuring the data privacy. It also secures the Internet communications and use of the cryptographic keys.

nCipher's products also protect application software integrity to boost server performance and capacity. It also enforces security management policy to reduce administration costs over security infrastructure.

nCipher's products integrate smoothly with software-based security systems and applications that utilize cryptographic techniques to speed and secure communications, it protects critical data, preserves software application integrity. nCipher provides acceleration-tool for Oracle's database. The top thing in the database security checklist is to go the database encryption.

Subscribe to "COMPTECH" ezine to get the latest news and updates on Windows Vista.

Enter your E-mail Address Enter your First Name (optional) Then Don't worry -- your e-mail address is totally secure. I promise to use it only to send you Mindpc.