How to incorporate encryption method for developing in Microsoft Visual Basic when saving to a DB

We have MS VB 2012 and wanted to incorporate some sort routine that when we save to a MS SQL database or any other type of database, it can be encrypted then decrypted when read.  Is there way to go about it?  Please advice.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You should be able to encrypt the database.  The database will then take care of the encrypting/decrypting work.  You shouldn't have to do anything at the application level.
Shaun KlineLead Software EngineerCommented:
The System.Security.Cryptography class has a number of options for encrypting data.

Here's a link to the AES class:

Here's a link to a DES walkthrough:
rayluvsAuthor Commented:

We are using MSSQL; when you say "You should be able to encrypt the database", what do you mean exactly?

Shaun Kline:

Thanx, we are working on the code to incorporate the encryption.  

Last question:

After incorporating, what is your opinion on how we are going to use it? (that is, run the routine to every data or fields prior saving to the database)

Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

rayluvsAuthor Commented:
Thank you very much,very interesting.  Unfortunately, since the apps will be working with different SQL instances (MSSQL & MYSQL), we have to maintain the encryption at coding in VB.

What is your opinion on our last question in ID: 40836208:

"After incorporating, what is your opinion on how we are going to use it? (that is, run the routine to every data or fields prior saving to the database)"
MySQL encryption could be accomplished with
* full disk encryption
* some middle-ware, like TrueCrypt or PGP, that might mount an encrypted volume that contains the MySQL database
* field-by-field encryption at the application level

The FDE is the simplest and would apply to both types of database.
Shaun KlineLead Software EngineerCommented:
What is the purpose for the encryption?

Are you looking to encrypt the data for data-at-rest reasons? Then a full database encryption is probably the way to go.

Are you looking to encrypt sensitive data, such as phone numbers, credit card numbers or Social Security Numbers? You have options. Both SQL Server and MySQL include encryption algorithms so you can encrypt/decrypt the data on the database side via stored procedures; or you can use .Net's encryption class to encrypt the data prior to sending it to the database and decrypt when retrieving the data. Both have positives and negatives, so you would need to research and determine which is best for your needs.
rayluvsAuthor Commented:
Thanx for the MySQL encryption info; we'll pass this info forward.  Unfortunately, the purposes why encrypting SQL is not viable to us, is because it will not be up to us to do it.  That is, the apps we are working on is an inhouse tool and is running in 3 location with seperate independant IT administrations, where 1 location is MySQL.  If each location would adhere to SQL encryption then we would be not necessary to encrypt via VB.

That said, Yes, we are looking to encrypt sensitive data such as phone, address, hence, Human Resources info.

Going back to entry ID: 40836208: After incorporating the recommended encryption method to our source code, what is your opinion on how we are going to apply it? (that is, run the filed data thru the encryption routine before saving to the DB thus saving encrypted data instead of legible data)"
Shaun KlineLead Software EngineerCommented:
Yes, encrypting the sensitive data prior to sending it to the database is the means I would use with the .Net class. When you need to read the data out of the database to be used by your application, you will need to decrypt it. Simple if you are only displaying a single record; more involved if you are displaying a grid's worth of data. That's were the +/- comes into play. Encrypting on the database side may be easier to implement (using stored procedures) but then the data is transmitted to your application unencrypted. A minus for using the .Net class is that if you ever need to use that data in another application, you will need to decrypt is using .Net first. That is not an issue as long as someone can remember how the data was encrypted 5/10 years down the road.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rayluvsAuthor Commented:
Great Info!!!  Listen, you raised more interesting questions, but as for this particular question, it has been 100% answered!

Will proceed to close.

Thanx all for your great assistance!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic.NET

From novice to tech pro — start learning today.