I have to build an application in which Umbraco-members will be able to create profiles of their clients. This would be a lot easier if i could create a documenttype of type Client to handle everything for me.
The data in question is rather sensitive so I am investigating what my options are.
Is it for example possible to encrypt the propertyvalues of a specific documenttype? And if so what would be the best way to do this?
It may be worth thinking about encryption at the SQL Server level (TDE), you can then encrypted the entire database, and avoid any additional application development cost.
However, if you did want to encrypt at an application level, you could write your own data-type that encrypted/decrypted the stored values.
We've done this in the past, and use the standard text string editor as a starting point, and then made a few adjustments to support this. It's not a massive amount of work, but some care should be taken to make sure what you are doing actually solves the problem ;-)
Encryption at SQL server would actually be a good solution, it would save me the trouble of writing the code to handle this.
Will Umbraco automatically be able to work as usual when using encryption this way?
We have some customers who use TDE and we have not experienced any issues with Umbraco 7. In theory turning on TDE shouldn't effect any database / application.
It might be worth creating an Microsoft Azure SQL database and having a bit of play!
Encrypting data of certain documenttypes
Hi there,
I have to build an application in which Umbraco-members will be able to create profiles of their clients. This would be a lot easier if i could create a documenttype of type Client to handle everything for me. The data in question is rather sensitive so I am investigating what my options are. Is it for example possible to encrypt the propertyvalues of a specific documenttype? And if so what would be the best way to do this?
Thanks in advance.
It may be worth thinking about encryption at the SQL Server level (TDE), you can then encrypted the entire database, and avoid any additional application development cost.
However, if you did want to encrypt at an application level, you could write your own data-type that encrypted/decrypted the stored values.
We've done this in the past, and use the standard text string editor as a starting point, and then made a few adjustments to support this. It's not a massive amount of work, but some care should be taken to make sure what you are doing actually solves the problem ;-)
Hi Laurence,
Thank you for your reply.
Encryption at SQL server would actually be a good solution, it would save me the trouble of writing the code to handle this. Will Umbraco automatically be able to work as usual when using encryption this way?
Hi,
Did you need to change any code to get TDE working?
Yes, you should be fine.
We have some customers who use TDE and we have not experienced any issues with Umbraco 7. In theory turning on TDE shouldn't effect any database / application.
It might be worth creating an Microsoft Azure SQL database and having a bit of play!
https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption-azure-sql
Good luck! Laurie
I will definitely try it out, thanks!
is working on a reply...