Re: encryption

From: Ryan January <rjjanuary_at_multiservice.com>
Date: Tue, 19 Mar 2013 11:54:53 -0500
Message-ID: <5148985D.90407_at_multiservice.com>

I'd first be looking to your security team to clarify *exactly* what needs to be encrypted, where, and why. Before that question is answered you'll simply be chasing your tail.

Is this only for customer identifiable info persisted on disk, or does that mean absolutely all data round tripped between the client and the database? Their answer may wildly change your approach to encryption.

On 03/19/2013 11:44 AM, Zelli, Brian wrote:
> Ok, our "security" team is telling us we have to encrypt the databases. If people have sqlplus or sqldev access or what sucks is MS Access front ends to databases it would not be encrypted?
> Or would they need something on their machine to de-crypt?
>
> ciao,
> Brian
>
> ----------------------------------
> Brian Zelli
> Senior Database Administrator
> Enterprise Apps/Sys Integration
> Roswell Park Cancer Institute
> (716) 845-4460
> brian.zelli_at_roswellpark.org
> ----------------------------------
>

--
http://www.freelists.org/webpage/oracle-l

Received on Tue Mar 19 2013 - 17:54:53 CET

This message: [ Message body ]
Next message: Hans Forbrich: "Re: Oracle 7 logon"
Previous message: Christopher.Taylor2_at_parallon.net: "RE: Oracle 7 logon"
In reply to: Zelli, Brian: "RE: encryption"
Next in thread: Hans Forbrich: "Re: encryption"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message