Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in
Home       Members    Calendar    Who's On

Add to briefcase

Encryption - chronology Expand / Collapse
Posted Thursday, January 30, 2014 5:29 AM



Group: General Forum Members
Last Login: Wednesday, August 24, 2016 10:25 AM
Points: 122, Visits: 460

Please note: this query is applicable to any version of SQL Server - it is a question regarding how data between servers is handled and the timing.

I have set up encryption within a 2005 database for the purposes of protecting credit card information in a single column with a table.
There is an application sitting on a separate machine which accepts user input and then calls a stored procedure in the SQL database to encrypt the data.
My question, and it may sound simple/obvious, is this:
Will the credit card number be transmitted in clear text to the database at which point the application will encrypt it, or is the data encrypted within the application and then transmitted to the database encrypted?
It is quite a subtle point but very important from a PCI-Compliance standpoint.
Many thanks.
Post #1536268
Posted Thursday, January 30, 2014 5:34 AM



Group: General Forum Members
Last Login: Saturday, December 3, 2016 5:18 AM
Points: 45,619, Visits: 44,147
Please don't cross post. It just fragments replies and wastes people's time as they answer already answered questions.

No replies to this thread please, direct replies to

Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #1536270
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse