March 12, 2010 at 9:11 am
I am in the middle of a project that is going to require us to use encryption for the first time to secure some sensitive data. I am having trouble finding articles/blogs/etc illustrating the pros and cons of using database encryption vs. application encryption.
I guess with my limited knowledge (still in the process of reading a number of documents) it almost seems as though application level encryption would be more secure because the data would still be secured if the database server was compromised.
Any info is much appreciated.
Thanks,
Sam
March 12, 2010 at 9:47 am
A lot depends on your requirements. If you have to satisfy PCI then the requirements are different. Your architecture can make a big difference as well. I don't see the question as simple as DB vs. App..
CEWII
March 12, 2010 at 4:42 pm
This will depend as Elliott has said. Compliance you are seeking will have an impact on which encryption you use. It is not uncommon to employ both database and application encryption.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply