Encryption of data at rest
Posted on 2011-03-21
Some questions about encrypting data at rest. Do you use your database platforms ability to encrypt data at rest? We don’t store credit card details but some of our databases do have bank details like account name and number, sort code etc, and personal details like name, national insurance, date of birth etc.
If you follow all best practice around hardening, i.e. use strong passwords, no default passwords, patch the database and OS of DB server, set appropriate ACL to the server (small amount of trusted administrators only) and server shares etc, do you still have to encrypt data at rest in the database? And if so why?
I can see there’s a threat motive for a naughty insider to potentially steal a load of bank account numbers and sort codes (suspect that alone is not enough to commit fraud), it’s a db server in a large 2003 windows domain (database servers not vlann’ed), so there’s a decent size of threat agents, but as to skill level they’d need, if best practice hardening is in place, passwords aren’t weak, servers are patched etc – then I personally have no idea how they’d actually get in the database (anyone?), the app is an internal app not a web facing etc etc.
So, with best practice hardening in place in the DB environment, is it worth encrypting the data at rest, if yes why and how can they get at that data, if not again why so? If the server was in a private VLAN would that affect the decision? Or should it still be encrypted?
Aside from whether to or not to encrypt data at rest, does encrypting data at rest affect db or application performance, and is there any additional cost directly or indirectly in getting the data at rest encrypted? Or anything else we need to know as to encrypt the data or not?