I started out by researching the different types of encryption available for enterprise servers. One recommendation by the client was to use an open source type of product because of the high cost of other products. I wanted to make sure the client’s needs were met and they understood how this method compared to other methods available. There was some reluctance from the FIS vendor because open source products are normally non-supported methods. With some influencing it was agreed to provide feedback on this method to satisfy the client’s request.
GnuPG
The first encryption method analyzed for this project was the open source product called GnuPG. GnuPG allows to encrypt and sign your data and communication, features a versatile key management …show more content…
“Transparent Data Encryption (TDE) safeguards sensitive data against unauthorized access from outside of the database environment by encrypting data at rest. It prevents privileged and unauthorized operating system users from directly accessing sensitive information by inspecting the contents of database files” (Oracle, 2013).This would affect all the information in the database and would need to be agreed upon by the other businesses sharing this server. Oracle encryption does not allow encryption to be installed for only one schema so it would need to be installed across the server no matter if the other businesses are using it or not. So the cost is much higher due to the full disk encryption but does pose opportunities for other businesses to share the cost of implementation. Adding Oracle encryption would be a huge burden on the company unless they can get the other businesses within the company to share the cost. I discussed this with the database team, which already has a contract with the Oracle Company. They did not have an issue with adding this to the existing environment, but said there is a very high cost in adding this feature. In addition, there is a new license fee that must be purchased for the server because of the new technology being …show more content…
They utilize a hardware device made by the Vormetric Company in their environment. It is a hardware appliance that manages all the activity and encryption method automatically. Vormetric Data Security created the Transparent Encryption appliance that provides seamless integration of file level encryption. It provides a centralized solution that encrypts the data and controls the access to those files based on set rules. I provided how it would be implemented into the environment in Appendix I. “The company’s scalable solution suite protects any file, any database and any application — anywhere it resides — with a high performance, market-leading Vormetric Data Security Platform that incorporates application Transparent Encryption, privileged user access controls, automation and security intelligence” (Vormetric,