The answer to your question depends on the data that you are trying to protect. Data can be encrypted and decrypted,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
but you cannot decrypt or reverse engineer a hash, as it is a one-way process. Storing hashed values is only an option when its raw value is not needed. The obvious example is a password. You can store a hashed password value in a database table and when required to validate a user, you can compare the stored hashed password against the hashed text the user has entered. If the values match, you know they entered the correct password. Storing passwords as hashed values rather than as encrypted values is more secure because a hacker can neither read nor decrypt them.
However, the bulk of the data in your database will need to be viewed in Blowfish. A symmetric encryption algorithm uses the same key for encryption and decryption, which itself could be encrypted and stored in a secure location such as a file residing on an NTFS partition or a Windows Registry key accessible to privileged accounts only. There are third party utilities, such as DbEncrypt from Application Security Inc. (http://www.appsecinc.com/products/dbencrypt/mssql/), that provide this type of functionality. You may also want to encrypt the database itself. For example, Windows NTFS file encryption can be used to enhance access control by encrypting the actual database file.
Encrypting data can have significant performance implications on query processing in databases so you will probably only want to encrypt particularly sensitive data, and remember that you may also need to encrypt sensitive information as it is being sent to a browser over a network using digital certificates and SSL or SSH.
Dig Deeper on Database Security Management
Related Q&A from Michael Cobb
The TLS protocol has fallen on hard times, but expert Michael Cobb explains how client puzzles can help fix some of the problems.continue reading
Microsoft's Wi-Fi Sense for Windows 10 can share encrypted passwords for Wi-Fi networks, but is it safe? Expert Michael Cobb has the answer.continue reading
Several security vendors and providers have been hacked over the last year. Expert Michael Cobb explains how enterprises should prepare for a vendor ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.