sql - Does it make sense to encrypt every value in MySQL? -
i have mysql database without built in database encryption. aware encryption available, it's not available on aws rds instance size i'm working with.
instead, plan utilize aws kms (basically standard hashing encryption) hash every single value before entering in datable. working sensitive data needs hipaa compliant.
my question is, hashing values, renders querying useless right? additionally, if that's case, difference between hashing every value (first name, last name, dob, etc..) vs. treating entire row single json string, , hashing (and storing in single column).
if has experience encrypting on application level hipaa/sensitive data , storing in mysql, i'd appreciate suggestions!
while i've worked on few hippa projects in past i'm in no way expert. hipaa has lot of components need take account take following non hippa specific.
i consider operating own relational db server full disc , database encryption or (if able work json strings anyway) use nosql db dynamo db.
the last project worked on kept data in encrypted relational db , locked down (we hired security engineers that) on application level didn't encrypt anything.
i try avoid encrypting on application level if possible leads added complexity
lastly, might find link useful https://d0.awsstatic.com/whitepapers/compliance/aws_hipaa_compliance_whitepaper.pdf
as tool managing phi dynamodb https://github.com/awslabs/aws-dynamodb-encryption-java
Comments
Post a Comment