I have come across a web application that a company has asked me to rebuild. After all the implementation is said and done I will deploy on a private server, and the database will be on its own private server. I will manage the communication between the two with firewalls and the both of the servers data and web will be behind a load balancer. My question is this, the data that is being collected is extremely sensitive data, do I pick out the columns of sensitive information and enrypt them, because before now they have not been done so, or would this just be overkill. I want to securely store the information however I can be a bit intense when it comes to my concerns.
If the answer is no, that's great and I'm glad I asked. However if the answer is yes, does anyone know how I would go about updating the information to the newly necessary encryption.
The steps would need to be selecting all of the information, converting the columns from varchar to varbinary, encrypting the data, and finally inserting it back into the database.
The development stack for code to data I'm using is java/mysql.
Thanks in advance guys
Aucun commentaire:
Enregistrer un commentaire