Encryption is a valuable tool for data security, but it is only as safe as your key. Below I’ve listed general recommendations for encryption key safety that everyone handling encrypted data should adhere to at all times.
Key management begins when the key is created. Key creation includes the creation of a key profile. The key profile consists of a number of factors, including the actual key phrase, the encryption algorithm to be used, and the length of the key. These elements should all be considered in choosing key characteristics and generating a key.
One safe way to generate a random key is to use a key generation tool. This ensures a valid key that cannot be guessed. However, you do need to document this key and secure that record, because the key information may be required in the future in the unlikely event that you need to decrypt the data or move the encryption process to a different machine. In developing the key phrase, keys should:
While there are numerous algorithms, these are the most widely used in the industry. Generally, a longer key means stronger encryption. At a minimum, a key length of 16 bytes (128 bits) is recommended.
Other procedures for key protection include a split key protocol, which involves assigning portions of the key to two or more administrators. If your encryption utility offers a mask key feature, each user can enter his or her part of the key without seeing the masked portion. In this way, no one person has access to the entire key. This covers two protection aspects: taking the key out of the hands of any one individual and ensuring that the key is never viewed in plaintext.
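The key-creation and split-key procedures above, as an added example that is not code from the original article or from any particular encryption utility. It generates a key from the operating system's CSPRNG, enforces the 16-byte (128-bit) minimum the text recommends, records a key profile that holds metadata but never the key itself, and splits the key into XOR shares so that every administrator's share is required to rebuild it. The `KeyProfile` fields, the choice of a truncated SHA-256 as the key id, and the XOR split (rather than a threshold scheme) are assumptions of this example.

```python
import hashlib
import secrets
from dataclasses import dataclass
from typing import List

MIN_KEY_BYTES = 16  # the minimum the text recommends: 16 bytes (128 bits)


@dataclass(frozen=True)
class KeyProfile:
    """Metadata that is safe to record beside a key: it never contains the key itself."""
    key_id: str        # short fingerprint for referring to the key (assumed field name)
    algorithm: str     # algorithm the key is meant for, e.g. "AES-128" (assumed label)
    length_bytes: int


def generate_key(length_bytes: int = MIN_KEY_BYTES) -> bytes:
    """Generate a random key from the OS CSPRNG; refuse anything below the 128-bit minimum."""
    if length_bytes < MIN_KEY_BYTES:
        raise ValueError(f"key must be at least {MIN_KEY_BYTES} bytes, got {length_bytes}")
    return secrets.token_bytes(length_bytes)


def make_profile(key: bytes, algorithm: str) -> KeyProfile:
    """Build the profile record; the key id is a truncated SHA-256 of the key material."""
    return KeyProfile(
        key_id=hashlib.sha256(key).hexdigest()[:16],
        algorithm=algorithm,
        length_bytes=len(key),
    )


def split_key(key: bytes, parts: int) -> List[bytes]:
    """Split the key into `parts` XOR shares.

    All shares are needed to rebuild the key, and any smaller subset is uniformly
    random, so an administrator holding one share learns nothing about the whole key.
    """
    if parts < 2:
        raise ValueError("a split key needs at least two holders")
    shares = [secrets.token_bytes(len(key)) for _ in range(parts - 1)]
    last = key
    for share in shares:
        last = bytes(a ^ b for a, b in zip(last, share))  # last = key XOR every random share
    shares.append(last)
    return shares


def combine_key(shares: List[bytes]) -> bytes:
    """Rebuild the key by XOR-ing all shares together; fail loudly on mismatched lengths."""
    if not shares or any(len(s) != len(shares[0]) for s in shares):
        raise ValueError("shares are missing or have inconsistent lengths")
    key = bytes(len(shares[0]))
    for share in shares:
        key = bytes(a ^ b for a, b in zip(key, share))
    return key


def mask_share(share: bytes) -> str:
    """Display form for an entry screen: reveals only the length, never the share bytes."""
    return "*" * (2 * len(share))


if __name__ == "__main__":
    key = generate_key(16)
    profile = make_profile(key, "AES-128")
    shares = split_key(key, 3)
    print("profile record (no key material):", profile)
    print("what each administrator sees on screen:", [mask_share(s) for s in shares])
    print("all three shares rebuild the key:", combine_key(shares) == key)
    print("two shares alone rebuild the key:", combine_key(shares[:2]) == key)
```

Because the split is XOR-based, losing any single share makes the key unrecoverable, which is exactly why the text insists that the key information be documented and stored securely at creation time.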
Safeguarding keys includes storing the information safely. That means ensuring archival storage for keys in a secure, third-party media location. Also, look for an option to store your key separately from the server itself; it can be stored in a network location, a floppy drive, a flash drive, or other removable memory. This practice provides protection in the event that the hard drive or server is stolen, or if the SQL directory is copied to another location. A good encryption utility will prevent an application from starting and accessing the encrypted files unless the key profile location is available at start-up. And, at the risk of stating the obvious, keys should be sent to other users only on an as-needed basis, and any transmission should be in encrypted form.
Some options to look for in your encryption utility include permissions control, master encryption, key locking, and options concerning backup databases. Because it may be necessary to allow different groups of users access to different data, look for a utility that lets you assign access permission based on roles. This way, rather than granting permission to any particular user, including a system administrator, you can grant groups of users access to data according to their needs. It is possible that someone would try to replace the master database file, the one that contains administrator rights for the database, with one that grants him or her access to the data on your instance. Look for an encryption utility that allows the application to start up only if the master database is encrypted. Look for a utility that requires the key profile (and proxy, if specified) to be on the same machine(s) when starting the application as when you created the profile with that utility. This can help foil thieves who might try to steal the entire hard drive. Some utilities offer an option that directs that all newly created databases or backups on the specified instance be encrypted using the first key. This prevents anyone from copying a backup that was not automatically encrypted.
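The start-up protections described in the two paragraphs above (key profile kept at a separate location that must be available at start-up, profile bound to the machine it was created on, refusal to start unless the master database is encrypted, and automatic encryption of new databases and backups), as an added example that is not code from the original article or from any particular encryption utility. The profile layout, the choice of hostname plus `/etc/machine-id` as the machine binding, and the check messages are assumptions of this example; a real utility would bind to whatever identifiers its platform offers.

```python
import hashlib
import hmac
import json
import socket
from pathlib import Path
from typing import List, Optional

PROFILE_KEYS = ("key_id", "machine_fingerprint", "encrypt_new_databases")


def machine_fingerprint(hostname: Optional[str] = None, machine_id: Optional[str] = None) -> str:
    """Hash of the machine identity recorded when the profile is created.

    Both inputs can be injected (the demo does so); otherwise the hostname and
    /etc/machine-id are read. Binding to these two identifiers is an assumption.
    """
    host = hostname if hostname is not None else socket.gethostname()
    if machine_id is None:
        try:
            machine_id = Path("/etc/machine-id").read_text().strip()
        except OSError:
            machine_id = ""  # not every platform has it; the hostname still contributes
    return hashlib.sha256(f"{host}|{machine_id}".encode()).hexdigest()


def create_profile(key_id: str, fingerprint: str) -> dict:
    """Profile written at key-creation time: key id and machine binding, never the key,
    plus the 'encrypt every new database or backup with the first key' setting."""
    return {"key_id": key_id, "machine_fingerprint": fingerprint, "encrypt_new_databases": True}


def load_profile(path: str) -> Optional[dict]:
    """Return the profile from its external location, or None if that location is unavailable."""
    p = Path(path)
    if not p.is_file():
        return None
    try:
        profile = json.loads(p.read_text())
    except (OSError, ValueError):
        return None
    return profile if all(k in profile for k in PROFILE_KEYS) else None


def startup_check(profile: Optional[dict], current_fingerprint: str, master_db_encrypted: bool) -> List[str]:
    """Return the reasons the application must not start; an empty list means start is allowed."""
    problems: List[str] = []
    if profile is None:
        problems.append("key profile location not available at start-up")
        return problems
    # constant-time comparison so the check itself leaks nothing about the stored value
    if not hmac.compare_digest(profile["machine_fingerprint"], current_fingerprint):
        problems.append("key profile was created on a different machine")
    if not master_db_encrypted:
        problems.append("master database is not encrypted")
    if not profile.get("encrypt_new_databases"):
        problems.append("new databases and backups would not be encrypted automatically")
    return problems


if __name__ == "__main__":
    import tempfile
    here = machine_fingerprint()
    with tempfile.TemporaryDirectory() as removable_media:  # stands in for the flash drive or network share
        path = Path(removable_media) / "key-profile.json"
        path.write_text(json.dumps(create_profile("0123456789abcdef", here)))
        print("on the creating machine:", startup_check(load_profile(str(path)), here, True) or "ok to start")
        elsewhere = machine_fingerprint("other-host", "constructed-machine-id")  # drive moved to another box
        print("drive moved to another machine:", startup_check(load_profile(str(path)), elsewhere, True))
        print("master database replaced by a plaintext copy:", startup_check(load_profile(str(path)), here, False))
    print("removable media unplugged:", startup_check(load_profile(str(path)), here, True))
```

The guard returns every reason for refusal rather than stopping at the first one, so an operator reading the start-up log sees whether a single drive move, a swapped master database, or both are behind the failure.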
These procedures will go a long way toward ensuring the safety of your encrypted data, which is only as safe as your key. Take care of your key the way you take care of your data.