Solved

Is this a safe way of storing and encrypting files?

Posted on 2012-04-04
3
279 Views
Last Modified: 2012-04-04
I have a requirement to upload medical files and encrypt them

I'm already encrypting some other columns and they're varbinary. So, I know varbinary can be encrypted.

Should I use this method :  (filestream)
http://weblogs.asp.net/aghausman/archive/2009/03/16/saving-and-retrieving-file-using-filestream-sql-server-2008.aspx

OR should I encrypt the file in the code, like this:
http://support.microsoft.com/kb/307010
0
Comment
Question by:Camillia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 15

Accepted Solution

by:
Deepak Chauhan earned 500 total points
ID: 37808338
Application level encryption is much safer than file stream like

http://support.microsoft.com/kb/307010
0
 
LVL 23

Expert Comment

by:wdosanjos
ID: 37808373
You should consider using SQL Server encryption features.  I find it more flexible to maintain encrypted data that way.

How to: Encrypt a Column of Data
http://msdn.microsoft.com/en-us/library/ms179331%28v=sql.100%29.aspx

SQL Server Encryption
http://msdn.microsoft.com/en-us/library/bb510663%28v=sql.100%29.aspx

I hope this helps.
0
 
LVL 7

Author Comment

by:Camillia
ID: 37808472
>> Application level encryption is much safer than file stream like
why?
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have written a PowerShell script to "walk" the security structure of each SQL instance to find:         Each Login (Windows or SQL)             * Its Server Roles             * Every database to which the login is mapped             * The associated "Database User" for this …
After restoring a Microsoft SQL Server database (.bak) from backup or attaching .mdf file, you may run into "Error '15023' User or role already exists in the current database" when you use the "User Mapping" SQL Management Studio functionality to al…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question