1

I've been looking for finding the best solution to store highly sensitive information like an Amount or a balance in a banking application. Can I store that just as a numeric field or Do I need any encryption to encrypt that data? Am a bit worried about encryptions since these fields are frequently being accessed by the users. So when ever it gets accessed there needs to be some decryption mecahnism and to store back the new balance amount that again needs some encryption. Or is there is a better solution for that.

Database is SQL Server 2008 R2 and the platform is .NET 4.0

huMpty duMpty
  • 14,346
  • 14
  • 60
  • 99
Sandeep Thomas
  • 4,303
  • 14
  • 61
  • 132
  • Have you seen this [Encrypting Salary value in ASP .NET 2.0 and SQL Server 2005](http://stackoverflow.com/questions/148964/encrypting-salary-value-in-asp-net-2-0-and-sql-server-2005?rq=1) – huMpty duMpty Jul 02 '13 at 12:31

2 Answers2

0

This is an important topic to think about, there are lots of ways to do it.

However encryption in the best possible way when we have confidential data and to save things from Hackers you should surely encrypt it.

Take a look at this http://msdn.microsoft.com/en-us/library/ms179331.aspx

and this

http://msdn.microsoft.com/en-us/library/ms174361.aspx

Nipun Ambastha
  • 2,553
  • 1
  • 16
  • 26
-4

You should not need to store the data in an encrypted manner.

When it comes to security of data you should always work on preventing access via firewalls and correct login protocols.
Also only allows users to access data for which they have clearance.

When it comes to encryption - you could encrypt the disk but encrypting columns is not really worth the access time it will take in decrypting the data and if someone has access to the database invariably they will have access to the decryption routines.