Home >> Sum of the Parts >> >Database Encryption

Database Encryption for Sensitive Data

It is never a wise idea to store sensitive data, such as credit card numbers, inside of your Website's database. We try to discourage clients from doing so unless it is absolutely necessary. However, there are situations where it is desirable and, every so often, it is necessary.

If you have the absolute need to collect sensitive data and store it in your database then that information should be encrypted.

Using the Cryptology Classes built in to the .NET framework, we take the data entered by a user such as:
4111 1111 1111 1111

and turn it in to an undecipherable string before storing it in the database. It would look like this.
0E+ieWYVKwIF+k3Wb/3h0uve/tP+V5Xv

Should anyone ever get access to the database through immoral practices, then the sensitive information inside the database would be incomprehensible to the normal eye.

In the present day, it is not a bad idea to implement encryption on things like user names, passwords, and even email addresses as a further security measure on your site. For highly sensitive data like credit card numbers, it is a necessity in our opinion. Highly sensitive data should never be stored in a database without encryption.

Home     About Us     Experience     Technologies     Sum of the Parts     Beyond the Code     Clients     Contact Us     Sitemap

© 1997 - 2018 TConsult Web Dev Inc.