Data encryption

Posted: Fri May 28, 2004 4:00 am
by maratheamit
I will write a SQL script for the conversion to bitmapped features. To test things I would like a copy of the production data. Which brings me to the topic of this post...

I am not comfortable having user email addresses in the data that I will load on the test server. Josh can always omit the addresses when taking the data dump but that can get tedious. I was wondering if there is a better way.

One thing I thought of was encrypting all the sensitive information before storing it in the database. Before sending out an email we would have to decrypt it to recover the real address. This does not protect against someone breaking into the production server: whoever does that would also have access to the secret key. But it does allow us to exchange data dumps (which we are going to need for testing) without worrying about people stealing the email data.

I am not sure whether the benefit I have outlined is worth the cost of the code changes. What do you think?