Home > Commerce Insights Blog > Elements of Ecommerce Data Encryption

Commerce Insights Blog

Elements of Ecommerce Data Encryption
8/13/2009 7:24:00 AM
Securing Ecommerce database information is crucial for service providers and storefront hosts in an effort at preventing hacking and ensuring transparent data transfer. For Ecommerce provider ShopVisible, it is both optimal and advantageous to utilize TDE or Transparent Data Encryption. While processes such as these are blossoming continuously, it seems noteworthy to briefly hit upon past versions of the SQL server as well to better illustrate how Ecommerce protection functions have emerged and where the gaps still exist for things like PCI compliance.

SQL 2000: This version carries with it little to no encryption capability; code developers must create unique code for client applications to ensure data encryption.

SQL 2005: Here Microsoft procured a new encryption feature at the column level (or cell level) for sensitive data. In this case development applications encrypt the data at the database level, however, some degree of architectural tweaking is still needed internally to modify the process and to work with the 2005 version.

SQL 2008: This is where TDE comes into play and for companies like ShopVisible, if client database files were to become corrupted or stolen, Microsoft now has implemented new heightened levels of encryption protection in the Enterprise edition.

While the protective features of Transparent Data Encryption can become quite granular, there are several main features to highlight with regards to the ShopVisible Ecommerce platform.

    -merchant files and related data stored in the database are encrypted with real time IO encryption tools thereby ensuring that in order to restore the database, the user must possess the original encryption certificate and the master key

    -database level encryption occurs so the users utilize minimal resources for data retention and protection whereas in the past this was an arduously layered process
    -when working with the SQL 2008 version, there is no need for recoding or reconfiguring encryption applications

    -ease of implementation…

    -if in your Ecommerce ecosystem, processes such as database mirroring or log shipping occur naturally, the mutual correspondence between the two databases will be encrypted each and every time log transactions are sent

Upon the enabling (or disabling) of TDE, databases are marked as being encrypted and the server will commence a background thread often deemed an “encryption scan” which will then scan and encrypt all database files. Upon completion, all database files on disk become encrypted as will log files written to disk. At the page level database encryption of files is performed then encrypting the pages before they are ever written to disk and decrypted for memory storage. Utilizing TDE will not increase the database encryption size however.

Microsoft openly states that when enabling TDE, it is imperative for the user to back up both the certificate and private key related to it. If either of these are lost and not backed up in an appropriate manner database entry will not be possible.  Even in the case that TDE is no longer being used in the Ecommerce data transfer process, the encrypting certificate should be held by the developer or technical lead so that other related process can be turned on and off…

ShopVisible is an Atlanta, GA based Ecommerce solution provider intent on security, scalability and reliability.

Currently rated 0 by 0 people

Tags: ShopVisible, Ecommerce solution, Ecommerce security, PCI, TDE
Categories: SEO, RSS, User Generated Content, Commerce Insights Blog
Bookmark and Share


No Comments have been submitted.

Include comments
 January (1)
Recent Posts
Epicor Completes Acquisition of ShopVisible
  Comments: 0
  Rating: 0 / 0
ShopVisible Reveals 24%Increase in Order Volume on National Free Shipping Day
  Comments: 0
  Rating: 0 / 0
ShopVisible Reveals 24%Increase in Order Volume on National Free Shipping Day
  Comments: 0
  Rating: 0 / 0
Epicor to Acquire ShopVisible™
  Comments: 0
  Rating: 0 / 0
5 Universal Tactics to help Increase Conversions
  Comments: 0
  Rating: 0 / 0
Major Online Retailer Rebrands and Re-launches Responsive Design Site
  Comments: 0
  Rating: 0 / 0
How To Get To Omnichannel…Fast
  Comments: 0
  Rating: 0 / 0
ShopVisible Meets Growing Demands of Mid-Market B2B Sellers
  Comments: 0
  Rating: 0 / 0
Direct Marketing News: [Infographic] B2Bs and B2Cs Are Breaking Bad eCom Habits
  Comments: 0
  Rating: 0 / 0
ShopVisible Expands Omnichannel User Experience
  Comments: 0
  Rating: 0 / 0
Allison Howen (1)
BC (2)
Bharat C (2)
Clint Engel -- Furniture Today (1)
DannieB (32)
e-commerce info (1)
E-Commerce Information (1)
Emma G (1)
Glenn Taylor (1)
Jessica Lee (1)
jvm (19)
Karen Marchione (5)
Kendrick (1)
Kendrick Woolford (2)
Lauren Smith (40)
Marketing (118)
marketing@shopvisible.com (3)
Media Coverage (13)
News (2)
Nithya (1)
PAN Communications (1)
Press Releases (10)
Sean Cook (11)
SEO Information (1)
ShopVisible Marketing (21)
Stacy Shade (7)
The Frog (4)
Webster J Frogg (10)
Will Devlin (11)
Back to top

Contact Us

Tell us a little bit about what you are interested in so we can better serve you

Do you have an RFP you would like us to consider?

Please complete the contact form and indicate that you have an RFP in the message field. When we contact you, we’ll request a copy and respond with a customized solution to meet your needs.

You can get our RFP form here.

Would you like to speak to one of our platform consultants?

Please indicate that you would like to set up a call with one of our team members in the message field of the contact form. We’ll set up a time that’s convenient for you to show you the inner workings of the ShopVisible platform, and answer any technical questions you might have.