Linode Community Forums
Posted: Mon Jun 04, 2012 10:36 pm
Newbie

Joined: Mon Jun 04, 2012 10:33 pm
Posts: 2
Website: http://lessonshark.com
Location: Atlanta GA
Hello,
Looking for any advice on how to save sensitive data such as Social Security numbers in a database. I am wondering if anyone else needs to do this, and if so, how you do it securely. We are saving this information for the purpose of running a background check and degree verification. Any and all advice is very much appreciated.


Posted: Tue Jun 05, 2012 12:48 am
Senior Member

Joined: Thu Nov 24, 2011 12:46 pm
Posts: 139
Location: Mesa AZ
SSN and other personal information fall under Federal HIPAA regulations (in the US) and you should check with someone familiar with proper storage and usage procedures for doing that.

_________________
Kevin a.k.a. Dweeber



Posted: Tue Jun 05, 2012 8:28 am

Joined: Tue Jun 05, 2012 8:20 am
Posts: 1
The usual method is using AES encryption provided by your RDBMS. An example using MySQL could be:

-- `table` and `field` are placeholder names (backticked because TABLE is a reserved word);
-- the column must be BLOB/VARBINARY since the ciphertext is binary
INSERT INTO `table` (`field`) VALUES (AES_ENCRYPT('SSN_DATA', 'KEY'));

This would store the data encrypted with AES within the table. You would need to store the key somewhere safe in order to keep the security model valid. You would then read the data back using the following decrypt function:

-- the same key string must be used on both sides; AES_DECRYPT with a different key returns NULL
SELECT AES_DECRYPT(`field`, 'KEY') FROM `table` WHERE AES_DECRYPT(`field`, 'KEY') = 'SSN_DATA';

More on http://dev.mysql.com/doc/refman//5.5/en ... tions.html

You can find a tutorial at :

http://thinkdiff.net/mysql/encrypt-mysq ... echniques/

While AES encryption is secure, it is only secure if the key is not compromised, and it does not provide a multi-user cryptosystem (i.e. an admin with access to multiple users' encrypted data).

I hope this answers your question.

Regards,

Max


Last edited by mlabelle on Sat Jun 09, 2012 3:04 pm, edited 2 times in total.


Post subject: Thanks Kevin and Max!
Posted: Tue Jun 05, 2012 11:37 am
Newbie

Joined: Mon Jun 04, 2012 10:33 pm
Posts: 2
Website: http://lessonshark.com
Location: Atlanta GA
Your help is much appreciated. I'll let you know if I or my team have any other questions.



Posted: Tue Jun 05, 2012 6:54 pm
Senior Member

Joined: Sat Aug 30, 2008 1:55 pm
Posts: 1739
Location: Rochester, New York
Worth noting is that:

1) The key and data will, by default, be unencrypted between the database client and server (i.e. your application and the database) in the most popular RDBMSes.

1a) This is a sniffing threat as well as a MITM threat.

2) As a symmetric cipher, knowledge of the AES key is a necessary and sufficient condition to either encrypt or decrypt the data. In other words, if a server has the key stored, breaching that server provides enough information to decrypt everything encrypted with that key.

3) There are companies who specialize in securely handling data like this. It's one of those things that is somewhat complex, very specialized, and at a high risk of great catastrophe should a simple, subtle mistake be made. It's like radioactive waste.

If you do decide to roll your own, be sure to run it past your attorney and insurance company, to ensure that you're doing so legally and with adequate financial protection. People tend to get bent out of shape about credit card numbers, which are easily invalidated/replaced and leave little lasting damage; imagine how cranky folks would get if SSNs were leaked.

_________________
Code:
/* TODO: need to add signature to posts */
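Application-side encryption along the lines hobe's points 1 and 2 suggest, as an added example that is not code from any poster in this thread: the key stays with the application (assumed here to be a simple in-memory key ring type, KeyRing, standing in for a KMS or separate key service), so neither the database nor the client/server connection ever carries it, and each stored record is prefixed with a key ID so keys can be rotated. It goes beyond Max's MySQL functions in using AES-256-GCM with a random per-record nonce (MySQL's AES_ENCRYPT defaults to AES-128 in ECB mode with no IV); the record format and the sample value are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// KeyRing maps a key ID to a 32-byte AES-256 key. Assumed layout for this
// example: in production the keys live in a KMS/HSM or a separate key
// service, never alongside the ciphertext in the database.
type KeyRing map[string][]byte

// NewRandomKey returns a fresh 32-byte key from the OS CSPRNG.
func NewRandomKey() ([]byte, error) {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		return nil, err
	}
	return k, nil
}

func gcmFor(ring KeyRing, keyID string) (cipher.AEAD, error) {
	key, ok := ring[keyID]
	if !ok {
		return nil, fmt.Errorf("unknown key id %q", keyID)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext with AES-256-GCM and returns the record to store:
// "keyID:base64(nonce || ciphertext || tag)". A fresh random nonce per record
// means two equal SSNs do not yield equal stored values. The key ID is bound
// as additional authenticated data, so a record cannot be relabelled to
// another key without failing the tag check.
func Encrypt(ring KeyRing, keyID string, plaintext []byte) (string, error) {
	aead, err := gcmFor(ring, keyID)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := aead.Seal(nonce, nonce, plaintext, []byte(keyID))
	return keyID + ":" + base64.StdEncoding.EncodeToString(sealed), nil
}

// Decrypt reverses Encrypt. A wrong key, a corrupted record or a swapped key
// ID fails GCM authentication and returns an error instead of garbage.
func Decrypt(ring KeyRing, stored string) ([]byte, error) {
	parts := strings.SplitN(stored, ":", 2)
	if len(parts) != 2 {
		return nil, errors.New("malformed record")
	}
	keyID := parts[0]
	aead, err := gcmFor(ring, keyID)
	if err != nil {
		return nil, err
	}
	sealed, err := base64.StdEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("record too short")
	}
	return aead.Open(nil, sealed[:ns], sealed[ns:], []byte(keyID))
}

func main() {
	ring := KeyRing{}
	k, err := NewRandomKey()
	if err != nil {
		panic(err)
	}
	ring["k2012-06"] = k

	// Constructed sample value for the example; not a real person's SSN.
	stored, err := Encrypt(ring, "k2012-06", []byte("078-05-1120"))
	if err != nil {
		panic(err)
	}
	fmt.Println("stored in DB:", stored) // only this opaque string reaches MySQL

	back, err := Decrypt(ring, stored)
	fmt.Printf("decrypted: %s (err=%v)\n", back, err)
}
```

The trade-off is that the column is now opaque to the server: a `WHERE` on the plaintext like the one in Max's query is no longer possible in SQL, so lookups by SSN have to be done in the application after decryption or via a separate keyed hash (blind index) column. The key ring is the single point of compromise hobe describes in point 2; keeping it on a different host from the database at least means one breached box is not enough.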

