Five Worst Practices In Database Encryption

Poor encryption deployments risk too much critical information within databases

Dark Reading Staff, Dark Reading

October 5, 2011

4 Min Read

Database encryption can add a valuable layer of security to critical data stores, but only if the encryption is done well. As the number of database encryption deployments increases, so, too, does the number of bad encryption deployments.

Following are the five most common encryption worst practices that security experts see organizations engage in today. To get the most out of their security dollars, enterprises would do well to avoid these pitfalls.

1. Storing Keys In The Wrong Place
According to some security experts, one of the worst sins of database encryption is to comingle your encryption keys with the data they're used to encrypt.

"If you’re encrypting sensitive data in your database, then one of the worst practices is to store either the key used to encrypt the data or the authentication credentials that are used to get that key in the same database as the encrypted data," says Luther Martin, chief security architect for Voltage Security. "Doing that gives you the illusion of security, but actually provides very little real security."

To really protect your data, keep the management of encryption keys separate from the database that stores the data encrypted with those keys.

2. Failing To Centralize Key Management
Many times keys end up in the wrong place -- and poorly secured, at that -- because the organization is simply too overwhelmed to keep track of them.

"One of the main issues is the sheer number of encryption keys and digital certificates in use within organizations," says Jeff Hudson, CEO of Venafi. "Research shows that it is not uncommon for an organization to be managing certificates and keys in the thousands, if not tens of thousands."

Many organizations are sold encryption, but not the means or knowledge to manage it, Hudson says.

"Encryption is only half the solution. IT departments must track where the keys are and monitor and manage who has access to them. Organizations need to quickly come to terms with how crucial encryption keys are to safeguarding the entire enterprise," he says. "This heightens the need for both a deepened understanding of encryption best practices, as well as automated key and certificate management with access controls, separation of duties, and improved polices."

Ideally, organizations should endeavor to centralize key management as much as possible in order to know what the organization has in its inventory, where keys are located, and how they're protected.

NEXT PAGE: Recipe for disaster. 3. Depending On Home-Brew Solutions
Most IT people are tinkerers, and there's nothing so thrilling for a technology geek than to save his shop some dough by building a homegrown system in-house. But unless your staff consists of cryptographic experts with years of experience, building home-brew encryption or key management systems is just setting your organization up for disaster.

"Failed homegrown database encryption key management deployments are forcing even the largest of retailers to turn to specialized vendors," says Ulf Mattsson, CTO of Protegrity. "What is dangerous is it looks so easy at a distance."

4. Leaving Backups Unencrypted
If you encrypt your databases but leave backups of that data unencrypted, then you're setting your organization up for a fall.

"In this day and age, with all the stories of tapes falling off the back of trucks and laptops being lost, there is no excuse," says Nishant Kaushik, chief architect at Identropy.

Alan Wlasuk, CEO of 403 Web Security, agrees, stating that encryption of back-ups should become a matter of course for all databases.

"Back up all databases in an encrypted format 00 even if they have no value," he says. "Database backup will end up in places you would never imagine; it is easier to sleep if you know they are safe from prying eyes."

5. Using Out-of-Date Cryptographic Algorithms
Part of the reason why Gawker was so embarrassingly breached last December was because the password information exposed was "protected" by encryption using decades-old encryption technology. This is hardly a unique practice. Many organizations encrypt their data, but depend on old cryptographic algorithms that are about as secure as a paper mache suit of armor.

"Some older systems continue to use algorithms that have been broken years ago," Wlasuk says. Organizations have to be mindful not only that they encrypt their databases, but that they encrypt with technology that leverages new algorithms.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights