"Column encryption" software recommendations?

  • I am testing software to encrypt columns in sql tables. It's an interesting experience. Typically such software renames the base table containing encrypted columns and creates a VIEW having  the name of the original table.  The idea is to make the transformation have as little impact as possible at the source code level. I applied one company's package to a test databases (pretyy complex ones) and found out... after much trouble .... that I couldn't de-crypt the very columns I had encryped! Yes, I can encrypt\decrypt Northwind with their product, I am working with the company on this one.

    I also found that DTS no longer recognized the table name and that QA, expecting to display text, would sometimes freak out when it hit an encrypted (binary) field.

    That's my sob story. Now I'm chechking out the products of Protegrity hoping to have greatr success.

    Can you recommed database encryption software for me to test?

    TIA,

    Bill

     

  • This was removed by the editor as SPAM

  • Check out Imceda Software.

  • Just FYI I am testing two SQL Encryption packages, once called NetLIB and the other SecureData (by Protegrity). Both promise do do column-level encryption.

    From the limited response to this quesiotn I take it that most DBA's don't use such software. Be forwarned that such software does not support all SQL datatypes and can conflict with triggers.

    Bill

  • Be wary of column level encryption. It sounds like a great idea but is miserable on performance. I also know that it is very difficult and potentially impossible to create an index on an encrypted column.

  • I have had some success working with a product called 'xp_Crypt'.

     

    If you would like to look into this product, check out 'www.activecrypt.com'. 

     

    I had a need to encrypt account numbers that where to be accessed from an in-store kiosk.  I found this product very easy to work with and understand.  The nicest thing about it was the Free Ware version worked just fine for my requirements.  However there is a expanded version that you can by that gives you better performance and capabilities.

     

    Dave

  • I too have used XP_crypt.

    Great tool for field level encryption. Its a good way to encrypt a field (which becomes a column) so that someone who gets the table can;t use it with out the right way to decrypt it.

    But there in lies a trap. Unless the database engine itself knows how to work inside the encrypted data, you can't sort it or select by it without decrypting it first. Big performance hit overall.

    my use? I use it to store passwords for a web application using one way encryption. I never search by them, I don't sort by them. I just encrypt my incoming value and test for equality. very little impact from that.

  • Albeit SQL Server 2005 wasn't out when you guys were writing these comments; do you now see anything against using SQL Server 2005 encryption? That is, if you can migrate your data without too much hustle?

     

    Regards,

    Hanslindgren

Viewing 8 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic. Login to reply