I asked this question on the security boards first and received no traction so I figured I would turn to old reliable...
I have come across a web application that a company has asked me to rebuild. After all the implementation is said and done, I will deploy on a private server, and the database will be on its own private server. I will manage the communication between the two with firewalls, and both of the servers, data and web, will be behind a load balancer. My question is this: the data that is being collected is extremely sensitive. Do I pick out the columns of sensitive information and encrypt them, because until now they have not been encrypted, or would this just be overkill? I want to securely store the information; however, I can be a bit intense when it comes to my concerns. If the answer is no, that's great and I'm glad I asked. However, if the answer is yes, does anyone know how I would go about updating the information to the newly necessary encryption?
The steps would need to be selecting all of the information, converting the columns from varchar to varbinary, encrypting the data, and finally inserting it back into the database.
The development stack I'm using, from code to data, is Java/MySQL.
Thanks in advance, guys.
Any sensitive data should be encrypted.
Bear in mind, the data is not just accessed through your application. The backups are also stored somewhere, and one day the hard drive of the private server will be recycled. Administrators have access to the drive, and employees of the datacenter where the private server is housed can just pull the drive out and try to read it on another computer.
A former employer once got a call from someone who bought one of our recycled PCs, just to let us know that he deleted all of our product's source code that he found on one of the "recycled" drives in that PC. Don't let something like that happen to your sensitive data.
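The per-value step of the migration the question describes (read the plaintext, encrypt it, write the bytes to a VARBINARY column), as an added example that is not part of the original question or answer. It assumes AES-256-GCM as the cipher; the `customer.ssn` column, the sample rows and the in-process demo key are constructed for illustration, and the JDBC read/write around it is left out so the code runs offline.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Map;

public class ColumnEncryptionMigration {
    private static final int NONCE_LEN = 12, TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom();

    // Returns nonce || ciphertext || tag: the bytes to store in the VARBINARY column.
    static byte[] encrypt(SecretKey key, String plaintext, String aad) throws Exception {
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce); // fresh random nonce for every value, never reused
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        c.updateAAD(aad.getBytes(StandardCharsets.UTF_8)); // binds the value to its row and column
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        return ByteBuffer.allocate(NONCE_LEN + ct.length).put(nonce).put(ct).array();
    }

    // Reverses encrypt(); throws AEADBadTagException if the bytes or the AAD were altered.
    static String decrypt(SecretKey key, byte[] stored, String aad) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, stored, 0, NONCE_LEN));
        c.updateAAD(aad.getBytes(StandardCharsets.UTF_8));
        byte[] pt = c.doFinal(stored, NONCE_LEN, stored.length - NONCE_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Demo key only. Assumption: the real key is loaded from outside the database server.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();
        // Constructed rows standing in for a SELECT of id and the sensitive column.
        Map<Integer, String> rows = Map.of(1, "000-00-0001", 2, "000-00-0002");
        for (Map.Entry<Integer, String> row : rows.entrySet()) {
            String aad = "customer.ssn:" + row.getKey(); // hypothetical table.column:id label
            byte[] stored = encrypt(key, row.getValue(), aad);
            // Verify the round trip before the old plaintext column is dropped.
            if (!decrypt(key, stored, aad).equals(row.getValue())) throw new IllegalStateException();
            System.out.printf("id=%d stored=%d bytes%n", row.getKey(), stored.length);
        }
    }
}
```

With this layout each stored value is 28 bytes longer than the UTF-8 plaintext (12-byte nonce plus 16-byte tag), so the VARBINARY column has to be sized accordingly. Encrypted columns can no longer be searched or indexed by their plaintext value.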