<div dir="ltr"><div>Can anyone cite a known PII/PHI breach which, all else equal, TDE would have prevented? If not, can you describe such a hypothetical breach (again, all else equal)? No points for lost unencrypted backups - that's operator error & trivially avoided...</div>
<div><br></div>I've been tasked with developing & deploying a database encryption strategy for HIPAA-governed PHI & have lots of people touting M$ and/or Oracle TDE. I've put a fair bit of effort into studying each and I'm having a hard time envisioning actual vectors and/or real-world attacks against which they would protect (again, all else equal). As near as I can tell they DO guarantee that your backups are encrypted, which does have merit, but there are dozens of non-TDE ways (virtually all far cheaper) to encrypt a database backup. Additionally, as near as I can tell they decrypt into shared memory & may (but don't require) re-encrypt for transport (SSL to client). Am I wrong on these points?<div>
<br></div><div>I was on a call today w/a vendor where it was asked: "well, what if they physically steal your server?" to which I replied: "well, they'd have a nice doorstop since the database is on SAN" which naturally begged: "well, what if they steal your SAN?" - um, if someone's able to steal a multi-cabinet VSP in under four hours without at least six people & a pallet jack & get it off your dock, then database encryption (or lack thereof) may not be your highest priority...</div>
<div><br></div><div>I realize we're probably still going to have to do it anyway to appease auditors, govt, etc - I just want to know if there's something I'm missing that will convince me this is substantive & not theatre...</div>
<div><br></div><div>thanks!</div></div>