How do pros store Critical Employee info in tables?

  • Hi everyone!

    I have a basic question and pardon me if I sound dumb about it.

    How do you store critical information such as passwords, SSN, Salary info in tables?

    For example, are passwords stored as binary or varbinary? What about Salary info? SSN? DOB? What are the best data types for storing this sensitive info?

    I am sure employees at corporations are concerned if the DBA or anyone with the authority can dig into the employee tables and find out how much they make a year.

    I have never been involved in the design of the tables but I want to learn; and I believe this is the right place to ask, I would like to hear it from the pros.

    Are there any good books that cover all of this out there? Can anyone recommend one? When I took database analysis and design at school, we barely touched this topic.

    Thanks in advance

    Ed

  • I'd store as varbinary with encryption done by the business layer.

    Jack Corbett
    Consultant - Straight Path Solutions

  • Thanks for the reply.

    Varbinary, is that just for the password field or for all the mentioned fields such as SSN, Salary info?

    Thanks

    Ed

  • ed-1075072 (10/8/2009)


    ... or for all the mentioned fields such as SSN, Salary info?

    All columns you want to protect.

    _____________________________________
    Pablo (Paul) Berzukov

    Author of Understanding Database Administration available at Amazon and other bookstores.

    Disclaimer: Advice is provided to the best of my knowledge but no implicit or explicit warranties are provided. Since the advisor explicitly encourages testing any and all suggestions on a test non-production environment, the advisor should not be held liable or responsible for any actions taken based on the given advice.

  • For passwords, I typically just store a hash. Use a one-way function, compare hashes to see if it's a valid input.

  • I store sensitive information encrypting it from the business layer and into a varbinary/varchar column.

    "Keep Trying"

  • For passwords, I typically just store a hash. Use a one-way function, compare hashes to see if it's a valid input.

    Can you please elaborate a little bit more on this method?

    I heard about hash but I'm not sure how to use it.

    Thanks

    Ed.
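
An added example, not code from any poster in this thread, of the "store a hash, compare hashes" approach asked about above. It assumes PBKDF2-HMAC-SHA256 as the one-way function, a hypothetical `employee_login` table, and an in-memory SQLite database whose BLOB columns stand in for varbinary:

```python
import hashlib
import hmac
import os
import sqlite3
from typing import Optional

ITERATIONS = 600_000  # PBKDF2 work factor (assumed value); tune to your hardware
SALT_LEN = 16         # bytes of random salt, unique per password

def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS):
    """Return (salt, digest, iterations); a fresh random salt is made if none is given."""
    salt = salt if salt is not None else os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest, iterations

def create_store() -> sqlite3.Connection:
    """Hypothetical schema: only salt, hash and work factor are stored, never the password."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE employee_login (
                      username   TEXT PRIMARY KEY,
                      salt       BLOB NOT NULL,
                      pw_hash    BLOB NOT NULL,
                      iterations INTEGER NOT NULL)""")
    return db

def set_password(db: sqlite3.Connection, username: str, password: str) -> None:
    salt, digest, iterations = hash_password(password)
    db.execute("INSERT OR REPLACE INTO employee_login VALUES (?, ?, ?, ?)",
               (username, salt, digest, iterations))

def verify_password(db: sqlite3.Connection, username: str, candidate: str) -> bool:
    row = db.execute("SELECT salt, pw_hash, iterations FROM employee_login "
                     "WHERE username = ?", (username,)).fetchone()
    if row is None:
        # Unknown user: still do the hashing work so the response time
        # does not reveal which usernames exist.
        hash_password(candidate, b"\x00" * SALT_LEN)
        return False
    salt, stored, iterations = row
    _, digest, _ = hash_password(candidate, salt, iterations)
    # Constant-time comparison of the recomputed hash with the stored one.
    return hmac.compare_digest(digest, stored)
```

Because the salt is random per row, two employees with the same password get different stored hashes, and anyone who can read the table sees only salts and digests.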
