Solved

Is this a safe way of storing and encrypting files?

Posted on 2012-04-04
3
246 Views
Last Modified: 2012-04-04
I have a requirement to upload medical files and encrypt them

I'm already encrypting some other columns and they're varbinary. So, I know varbinary can be encrypted.

Should I use this method :  (filestream)
http://weblogs.asp.net/aghausman/archive/2009/03/16/saving-and-retrieving-file-using-filestream-sql-server-2008.aspx

OR should I encrypt the file in the code, like this:
http://support.microsoft.com/kb/307010
0
Comment
Question by:Camillia
3 Comments
 
LVL 15

Accepted Solution

by:
deepakChauhan earned 500 total points
ID: 37808338
Application level encryption is much safer than file stream like

http://support.microsoft.com/kb/307010
0
 
LVL 23

Expert Comment

by:wdosanjos
ID: 37808373
You should consider using SQL Server encryption features.  I find it more flexible to maintain encrypted data that way.

How to: Encrypt a Column of Data
http://msdn.microsoft.com/en-us/library/ms179331%28v=sql.100%29.aspx

SQL Server Encryption
http://msdn.microsoft.com/en-us/library/bb510663%28v=sql.100%29.aspx

I hope this helps.
0
 
LVL 7

Author Comment

by:Camillia
ID: 37808472
>> Application level encryption is much safer than file stream like
why?
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

After restoring a Microsoft SQL Server database (.bak) from backup or attaching .mdf file, you may run into "Error '15023' User or role already exists in the current database" when you use the "User Mapping" SQL Management Studio functionality to al…
Naughty Me. While I was changing the database name from DB1 to DB_PROD1 (yep it's not real database name ^v^), I changed the database name and notified my application fellows that I did it. They turn on the application, and everything is working. A …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now