<div dir="ltr"><div><div><div>yay! Someone else having HIPPA fun!<br><br></div>I would argue LOUDLY that unless the DB supports something as potent as SEPOSTGRES (column locking at the kernel level) and fully-encrypted filesystem then it's not safe to even concider it. That will block out M$ AND Oracle :-)<br>
<br></div>row-level locking with sepostgres is not ready for primetime.<br><br></div>Now talk to them about MLS security and watch their eyes pop.<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Aug 9, 2013 at 3:36 PM, Sid Lane <span dir="ltr"><<a href="mailto:jakes.dad@gmail.com" target="_blank">jakes.dad@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>can anyone cite a known PII/PHI breach which all else equal TDE would have prevented? if not can you describe such a hypothetical breach (again, all else equal)? no points for lost unencrypted backups - that's operator error & trivially avoided..</div>
<div><br></div>I've been tasked with developing & deploying a database encryption strategy for HIPAA-governed PHI & have lots of people touting M$ and/or Oracle TDE. I've put a fair bit of effort into studying each and I'm having a hard time envisioning actual vectors and/or real world attacks against which they would protect (again, all else equal). as near as I can tell they DO guarantee that your backups are encrypted which does have merit but there are dozens of non-TDE (virtually all far cheaper) to encrypt a database backup. additionally, as near as I can tell they decrypt into shared memory & may (but don't require) re-encrypt for transport (SSL to client). am I wrong on these points?<div>
<br></div><div>I was on a call today w/a vendor where it was asked: "well, what if they physically steal your server?" to which I replied: "well, they'd have a nice doorstop since database is on SAN" which naturally begged: "well, what if they steal your SAN?" - um, if someone's able to steal a multi-cabinet VSP in under four hours without at least six people & a palette jack & get it off your dock then database encryption (or lack thereof) may not be your highest priority...</div>
<div><br></div><div>I realize we're probably still going to have to do it anyway to appease auditors, govt, etc - I just want to know if there's something I'm missing that will convince me this is substantive & not theatre...</div>
<div><br></div><div>thanks!</div></div>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div dir="ltr">-- <br>James P. Kinney III<br><i><i><i><i><br></i></i></i></i>Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.<br>
- Speech 11/23/1900 Mark Twain<br><i><i><i><i><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a><br></i></i></i></i></div>
</div>