Database Encryption can be referred as a method through which, the data files are compressed and converted in a format that cannot be accessed by the illegal people. The companies are often suggested to make use of encryption while performing key activities over Internet such as E-Mail. The database encryption method has gained very important strides with the passé of time. The selection of the database encryption products are also improving with the maturity in the market. Few of the most important database encryption vendors such as Microsoft, MySQL AB and Oracle Corp all have incorporated more rigorous encryption potentialities together with new features to allow excessive layers to the user access power. The technology of Database encryption is not new to the businesses. An encryption method allowing encrypting few fields prior to entering in database and involuntarily decrypting them was prevalent since several years. However, not everything can be encrypted in the database for instance, indexed fields cannot be encrypted.

Fundamental Considerations:

Database Encryption is definitely a potential tool for the security. However, prior to taking the leap, few of the important considerations have to be delved. The database encryption is broadly divided into 2 categories namely:

1. Communication Encryption: This can be typically accomplished by the means of implementing tunneling protocols as such IPsec or SSL. This will wrap the data transmitted from server towards the client applications perhaps processing server. This is very crucial for the 2-tier applications, which ports straight to database server as the requesting client tend to be in any location. It is not the same case with regards to 3-tier application, in which a middle layer persists on the server, which ports with databases subsequent to which, authorizes the results to clients. Such situations do not require a database encryption, since the communication amid the web server and database is trusted.

1. Field Encryption: This is a different concept altogether. Usually, the companies rush toward database encryption considering it a quick solution for safety with no stress given on the vital factors. Most important among such factors is performance or speed of application. A badly enforced database encryption has the potential of affecting the production applications. The customers as well as the CIO will be unhappy and this is very hefty price to bear in turn of data security and compliance.

Guidelines for Securing the Database

Below mentioned are few guidelines to secure the database minus occluding the business prospects:

• Do not ever encrypt super or foreign keys.
• Make use of symmetric cryptography over the asymmetric ones whenever obtainable.
• It is not usually suggested to do complete database encryption. It is advised to encrypt the entire data with the use of multiple keys as well as varied algorithms.
• Encrypt just the columns of sensitive data. This is what is expected to be done for protection of database.
• To determine the most important data or fields is a tough task and needs to be carried in agreement with lessening of threat.