Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Could you conceptually explain  the Best Practices related to data encryption ?

Posted on 2016-09-03
3
Medium Priority
?
87 Views
Last Modified: 2016-09-04
Hi Experts


Could you conceptually explain  the Best Practices related to data encryption ?

Thanks in advance.
0
Comment
Question by:Eduardo Fuerte
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 80

Assisted Solution

by:arnold
arnold earned 1000 total points
ID: 41783298
Best practices in the absence of a context, is to encrypt with high bit only fields that are sensitive .... Versus the entire db.
The trade off deals with decryption
The main and important part deals with making sure, encryption keys are backed up, and restoration of data is practiced  to make sure .......

Perhaps, it should be phrased, databases with sensitive information, best practices is to use encryption of those fields.
0
 
LVL 65

Accepted Solution

by:
btan earned 1000 total points
ID: 41783328
Best practice for Data Encryption is about asking ourselves and doing it first time right
- Why protect data:  Ensure data integrity and confidentiality are maintained

- What to protect: Identify the data, Differentiate classified/sensitive data vs Public data, Application & system that will have the data at rest, data in transit and data in use

- How to protect: Prioritise data to protect, Use standards in encryption/digital signing/hashing etc, identify solution and scope the data i.e. see the "What to protect"  

- What to look out: Assess impact and must not be worst off or impact business running, Trust but Verify by conduct security test like penetration testing, audit etc

- What assurance in control: Enable audit trail, establish accountability of data owner, process owner ensure non-repudiation in the safeguards implementation
0
 

Author Closing Comment

by:Eduardo Fuerte
ID: 41783578
Very good approach.

Thanks for the help!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

596 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question