Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...GDPR - Encryption at restGDPR - Encryption at rest
Previous
 
Next
New Post
7/12/2018 9:22 PM
 

One GDPR requirement is data encryption at rest.  

My interpretation of this is that the database needs to be encrypted.

If this is the case, how are you all handling this?  Are you using the Transparent Data Encryption (TDE) feature of MS SQL Server or the Always Encrypted feature of MS SQL 2016?  Is there another option I'm not thinking of?

Thanks

 
New Post
7/14/2018 7:11 PM
 
Justin,
I am aware that we are late with GDPR compliance, however, there is no requirement from it to encrypt the database, as long as you are able to prevent file access to it.
GDPR asks for proper actions to protect against unauthorized access to personal data (in DNN terms: mainly, but not exclusively, columns of users and userprofile table - especially if the site stores sensitive user data (medical, religious or sexual preferences) as well.. TDE is available in SQL Server Enterprise Edition only, which is not used by most sites and has its price (performance), therefore we need to use a different approach. Nonetheless, you are always advised to protect the database of your site as good as possible.

Cheers from Germany,
Sebastian Leupold

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group

Speed up your DNN Websites with TurboDNN
 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...GDPR - Encryption at restGDPR - Encryption at rest


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out