2

One of the clients I'm working with is requesting that I encrypt my database. The problem is, none of my other clients need or care about this.

I am wondering two things:

  1. How costly (performance) is it to encrypt my entire database? I.e. how much slower will my reads / writes be?

  2. Is there any way I can provision a small separate DB, or segment my current DB on Heroku and host that one specific client's data (wherein their data is fully encrypted)?

Thanks! Ringo

Ringo Blancke
  • 1
    Encryption isn't magic secret security sauce. Where will the keys be kept? Will they be stored encrypted and require an off-site passphrase to be manually entered when the app starts? etc. If you just encrypt the data then store the key in the DB, that's a total waste of time. The client should focus on their actual threat model - what are they trying to protect against? – Craig Ringer Jun 26 '14 at 02:09
  • 1
    See also: http://stackoverflow.com/q/12329652/398670, http://stackoverflow.com/a/8305335/398670, http://stackoverflow.com/a/12615409/398670 – Craig Ringer Jun 26 '14 at 02:16

0 Answers