Solved

Could you conceptually explain  the Best Practices related to data encryption ?

Posted on 2016-09-03
3
66 Views
Last Modified: 2016-09-04
Hi Experts


Could you conceptually explain  the Best Practices related to data encryption ?

Thanks in advance.
0
Comment
Question by:Eduardo Fuerte
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 78

Assisted Solution

by:arnold
arnold earned 250 total points
ID: 41783298
Best practices in the absence of a context, is to encrypt with high bit only fields that are sensitive .... Versus the entire db.
The trade off deals with decryption
The main and important part deals with making sure, encryption keys are backed up, and restoration of data is practiced  to make sure .......

Perhaps, it should be phrased, databases with sensitive information, best practices is to use encryption of those fields.
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 41783328
Best practice for Data Encryption is about asking ourselves and doing it first time right
- Why protect data:  Ensure data integrity and confidentiality are maintained

- What to protect: Identify the data, Differentiate classified/sensitive data vs Public data, Application & system that will have the data at rest, data in transit and data in use

- How to protect: Prioritise data to protect, Use standards in encryption/digital signing/hashing etc, identify solution and scope the data i.e. see the "What to protect"  

- What to look out: Assess impact and must not be worst off or impact business running, Trust but Verify by conduct security test like penetration testing, audit etc

- What assurance in control: Enable audit trail, establish accountability of data owner, process owner ensure non-repudiation in the safeguards implementation
0
 

Author Closing Comment

by:Eduardo Fuerte
ID: 41783578
Very good approach.

Thanks for the help!
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question