Introduction Critical data in a database needs to be protected against internal and external threats. A database encryption solution can be used to achieve this protection in addition to providing the regulatory requirements. In the past, access control was used as a means of protecting information against access by unauthorized users. Access control did not prove very effective and this has led to the adoption of encryption where information is transformed into some form that cannot be understood by unauthorized users. Decryption is the process by which the transformed text is retransformed into a form that can be understood. This paper will seek to analyze a database encryption solution that will protect critical data against internal and external threats and at the same time meet regulatory requirements.
2. Choosing the Point of Encryption Encryption can be done at different places within an enterprise. Encryption is used to minimize the number of people who access the encryption keys. Before encryption, implementation decisions needs to be made (Mattsson, (2005, p.2). The most important thing is choosing the point of implementation. This helps in determining the work that needs to be done so that integration is effective and also determining the security model. Data needs to be protected both when at rest and during movement between applications and the database.
2. 1. Database-Layer Encryption In this case, an enterprise is able to protect data as it is being written and read from a database. Database layer encryption is done at the column level within a database table. It can be coupled with access controls and database security so as to prevent theft of critical data. This level of encryption protects data within the database management system and against threats such as storage media theft, database level
