Best way to encrypt certain fiels in SQL Server 2008?

Posted by Josh on Stack Overflow See other posts from Stack Overflow or by Josh
Published on 2010-05-25T22:12:38Z Indexed on 2010/05/26 2:41 UTC
Read the original article Hit count: 336

Filed under:
|
|
|

I'm writing a .net web app that will read and write information to a SQL 2008 backend database. Some of this information will be highly confidential in nature so I want to encrypt certain data elements. I dont want to use TDE or any full-database encryption for performance reasons. My main concern is protecting this sensitive data as a last resort against a SQL injection or even a database server compromise. My question is what is the best way to do this to preserve performance? Is it faster to use the SQL2008 encryption functions such as EncryptByKey, or would it be faster to encrypt and decrypt the data in the .NET web app itself using a symmetric key stored in the secure web.config and store the encrypted values in the DB?

© Stack Overflow or respective owner

Related posts about .NET

Related posts about sql