|
|
|
|
|
|
by MeNotMe
3984 days ago
|
|
|
1. It's much easier to compromise a DB into a dump with injection, insufficient access control etc. than dump the db, find out it's encrypted, then hack the app servers and find a key somewhere in the binary. 2. You can use key distribution schemes to the app servers. 3. If you need to 'live' search in personal data you're doing it wrong. You can move search to a fulltext engine for the stuff you really need, which is more difficult to dump and reassemble. E.g. if you search for city, you only have primary keys and cities in one system. 4. You should also not keep profiles, personal data and other data on one server. Compromising one of the access paths will compromise all your data. |
|
|