Encryption

silver163 · March 27, 2011, 8:58pm

Hello,

I got a server running with Windows 7 64 bit and I got MySQL Server on there and I need to encrypt all the DB’s. What’s the best way to get this done? I use HeidiSQL to control the database.

r937 · March 27, 2011, 9:38pm

encrypt all the DBs?? whatever for?

this sounds like a PHB requirement

force · March 27, 2011, 9:46pm

A database typically sits behind a password.

If you’re trying to encrypt user passwords, search for password hashing with a salt. That, however, takes place at the application level, not the database level. The database just stores the end result. Hashing is a one-way type of encryption, so you won’t be able to get the original value back…just compare it to another hashed value.

silver163 · March 27, 2011, 10:01pm

more like Visa being the pointy hair boss, unfortunately we must encrypt all of our emails that are stored within the database, in case someone copies the files.

oddz · March 28, 2011, 1:15am

That would be a two way encryption for the content of the email.

felgall · March 28, 2011, 1:55am

So when someone copies all the files that they have to run the file with the decryption code in it before they can read the other files? I guess that would add a few extra seconds to the time taken to access the information in those emails.

Note also that emails are not allowed to contain any confidential information (eg. credit card numbers) at all since the email gets stored in plain text on various servers around the world when it is in the process of making its way from the sender to the recipient. To get around that you’d need everyone to have security certificates installed to use with the emails that allow the email to be encrypted before it is sent.

silver163 · March 29, 2011, 4:24am

Well seconds sure but only if they want a supercomputer handy, the NSA got one that literally does it in seconds but I highly doubt that anyone has the resources for that. i am not trying to make this “uncrackable” i am trying to take every measure possible to ensure security.

you can install a firewall on a computer but as long as the computer is used by people and the more people use the bigger the usage the more security vulnerabilities doesn’t mean you shouldn’t bother with security at all.

i just want to see if there are any external software that can encrypt the DB’s and work with the server