On Mon, Aug 22, 2011 at 10:34 AM, Condor <condor@xxxxxxxxxx> wrote:
> I did not worry about hackers attack, I am worrying how to secure data
> if I physically lose hard drives or server. Let's just imagine that you have
> a server and you store on it important data like credit cards, bank acc,
> password, clients names, addresses, social numbers, phone numbers and
> something like that ... very important information. When front end is
> secured I'm worried if I lose hard drives or server. I think if someone
> buys so expensive server is not necessary someone with gun to watching it.

The best solution typically is to see how much of the stuff like credit card numbers you can avoid storing. Absence of the target is in fact the best way to keep the target secure.

If you must store credit card data, then the PCI-DSS requires that these be stored encrypted with proper key management controls in place. The key management controls are the hard part. Throwing together something that's PCI-DSS-compliant on the surface looks easy. Doing it right is surprisingly hard.

On top of this you have to think about the fact that key management can become a significant issue. When you change keys, think about the level of work that requires on the part of the database server to decrypt stuff with the old key and encrypt it all with the new key....

Best Wishes,
Chris Travers
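The re-encryption work mentioned in the reply above, shown as an added example that is not part of the original message: a key rotation over a pgcrypto-encrypted column, done in bounded batches so each transaction stays short. The table and column names, the key strings, the version numbers and the batch size are all assumptions made for illustration.

```sql
-- Added example: names, keys and batch size are assumptions, not from the thread.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE card (
    id          bigserial PRIMARY KEY,
    pan_enc     bytea    NOT NULL,  -- output of pgp_sym_encrypt()
    key_version smallint NOT NULL   -- which key encrypted this row
);
-- Lets the rotation find rows that still use the old key without a full scan.
CREATE INDEX card_key_version_idx ON card (key_version);

-- Constructed sample row (a card-scheme test number, constructed old key).
INSERT INTO card (pan_enc, key_version)
VALUES (pgp_sym_encrypt('4111111111111111', 'constructed-old-key',
                        'cipher-algo=aes256'), 1);

-- One batch: decrypt with the old key ($1), encrypt with the new key ($2).
-- Every remaining row costs one decrypt, one encrypt and one row rewrite.
-- SKIP LOCKED (PostgreSQL 9.5+) keeps the job from blocking on rows that
-- application traffic currently holds.
PREPARE rotate_batch(text, text, int) AS
WITH batch AS (
    SELECT id
    FROM card
    WHERE key_version = 1
    ORDER BY id
    LIMIT $3
    FOR UPDATE SKIP LOCKED
)
UPDATE card c
SET pan_enc     = pgp_sym_encrypt(pgp_sym_decrypt(c.pan_enc, $1), $2,
                                  'cipher-algo=aes256'),
    key_version = 2
FROM batch b
WHERE c.id = b.id;

-- Run repeatedly until it reports "UPDATE 0".
-- With pgcrypto both keys travel to the server in the statement, so check
-- statement logging settings before running this with real keys.
EXECUTE rotate_batch('constructed-old-key', 'constructed-new-key', 1000);

-- Progress check: the old key can be retired once version 1 has no rows.
SELECT key_version, count(*) FROM card GROUP BY key_version ORDER BY key_version;
```

The rewritten rows leave dead tuples containing the old ciphertext until vacuum reclaims them, and older backups still hold data under the old key, so retiring that key has to account for both.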