Could you conceptually explain the Best Practices related to data encryption?

Hi Experts


Could you conceptually explain the Best Practices related to data encryption?

Thanks in advance.
Eduardo Fuerte Asked:
btan (Exec Consultant) Commented:
Best practice for Data Encryption is about asking ourselves and doing it right the first time:
- Why protect data: Ensure data integrity and confidentiality are maintained

- What to protect: Identify the data, differentiate classified/sensitive data vs public data, and the applications & systems that will have the data at rest, data in transit and data in use

- How to protect: Prioritise data to protect, use standards in encryption/digital signing/hashing etc., identify the solution and scope the data, i.e. see the "What to protect"

- What to look out for: Assess impact, and must not be worse off or impact the running of the business; trust but verify by conducting security tests like penetration testing, audits etc.

- What assurance in control: Enable audit trail, establish accountability of data owner, process owner, ensure non-repudiation in the safeguards implementation
arnold Commented:
Best practice, in the absence of a context, is to encrypt with high bit only the fields that are sensitive .... versus the entire db.
The trade-off deals with decryption.
The main and important part deals with making sure encryption keys are backed up, and restoration of data is practiced to make sure .......

Perhaps it should be phrased: for databases with sensitive information, best practice is to use encryption of those fields.
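Added example, not part of arnold's answer or the original thread: field-level encryption of one sensitive column plus a key-restore drill, written in Go on the assumption that AES-256-GCM from the standard library is the chosen cipher. The function names, the `customers.ssn:42` row label and the sample value are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func NewFieldCipher(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptField seals one sensitive column as nonce||ciphertext; aad ties it to its row.
func EncryptField(a cipher.AEAD, plaintext, aad []byte) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, plaintext, aad), nil
}

// DecryptField fails on a wrong key, an altered value, or a value copied to another row.
func DecryptField(a cipher.AEAD, stored, aad []byte) ([]byte, error) {
	if n := a.NonceSize(); len(stored) >= n {
		return a.Open(nil, stored[:n], stored[n:], aad)
	}
	return nil, fmt.Errorf("stored field shorter than nonce")
}

// RestoreDrill reports whether a key recovered from backup still decrypts live data.
func RestoreDrill(backupKey, stored, aad []byte) bool {
	if a, err := NewFieldCipher(backupKey); err == nil {
		_, err = DecryptField(a, stored, aad)
		return err == nil
	}
	return false
}

func main() { // constructed demo key and record
	key := make([]byte, 32)
	rand.Read(key)
	a, _ := NewFieldCipher(key)
	stored, _ := EncryptField(a, []byte("000-00-0000"), []byte("customers.ssn:42"))
	fmt.Println("restore drill passed:", RestoreDrill(key, stored, []byte("customers.ssn:42")))
}
```

Non-sensitive columns stay in plaintext and remain indexable; running `RestoreDrill` against the backed-up key copy on a schedule is what turns "keys are backed up" into something verified.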
 
Eduardo Fuerte (Author) Commented:
Very good approach.

Thanks for the help!