We are in the middle of developing an e-commerce application that will be used by our customers on a monthly pay plan.
We thought a little about providing encryption of all personal data stored in the database to make our application more secure for end users. Encryption would be completely transparent both in the front end and in the backend, and would make sure that even if someone gets clean access to the database, it would be impossible to decrypt the personal data of end consumers without an encryption key.
Is this common sense, or are we biting off more than we can chew compared to the increased security that this would add for end customers?
I might be out of my depth here since I'm not a security expert, but here are a few questions that come to mind:
What are the chances of an attacker gaining access to data?
Is there any confidential data?
What can an attacker gain from accessing data?
What could you or your company lose if an attacker gained access to data? This is not only data, but also potentially your reputation.
How much will it cost to implement?
What are your legal obligations regarding customer data?
If the data is encrypted using one global key, how will you keep the key safe?
FSA (pdf):
You place much more stringent requirements on the system (that is, higher equipment costs and lower performance).
IMHO your money and time will be better spent on improving security in other places.
Source: https://habr.com/ru/post/1753248/